What is our primary use case?
Cisco Secure Access serves as our primary solution for providing secure remote access to corporate applications and resources for a distributed workforce. We use it to enforce consistent security policies across users, devices, and locations, while enabling access to both cloud-based and on-premises applications.
A good example of this is supporting our hybrid workforce. Employees regularly work from home, at customer sites, and while traveling, and Cisco Secure Access provides secure connectivity to internal applications without requiring full network access. In one instance, a contractor needed access to a specific application hosted in our data center. Using Cisco Secure Access, we were able to grant application-level access based on identity and device posture rather than opening broad VPN access. This improved security while allowing the contractor to become productive immediately. The platform also provided visibility into access activity and automatically enforced policies, which reduced administrative effort and helped us maintain compliance requirements. The experience was seamless for the user and significantly reduced the risk associated with traditional remote access methods.
In addition to secure remote access, we leverage Cisco Secure Access to strengthen our zero trust security strategy across the organization. We use granular access controls to ensure users can only reach the applications and resources required for their roles, which helps reduce risk and simplify compliance efforts. The solution also provides valuable visibility into our users' activity, device posture, and potential security threats, allowing our security team to respond more quickly to unusual behavior. Another benefit has been the ability to provide secure access for third-party vendors and contractors without exposing the broader network. The centralized management, consistent policy enforcement, and seamless user experience have made Cisco Secure Access an important part of our overall security and hybrid workflow infrastructure.
What is most valuable?
Cisco Secure Access offers several features that stand out for our organization supporting modern hybrid work environments. One of the most valuable capabilities is its zero trust network access (ZTNA), which provides secure identity-based access to applications without exposing the entire network. The platform also delivers strong security controls through continuous user and device verification, helping ensure that only authorized users can access sensitive resources. Another key feature is centralized policy management, which allows administrators to create and enforce consistently secure policies across users, devices, and locations.
The feature that has had the biggest impact for our team is zero trust network access (ZTNA). Prior to implementing Cisco Secure Access, remote users often required broader network access through traditional VPN connections, which increased administrative overhead and security concerns. With ZTNA, access is granted at the application level based on user identity, device posture, and security policies rather than network location. This approach has significantly improved our security posture by reducing the attack surface and limiting lateral movement opportunities. It has also streamlined our workload because access requests are easier to manage and policies can be applied consistently across users and applications. Employees and contractors are able to securely connect to the resources they need from any location without sacrificing performance or user experience. The combination of stronger security, simplified access management, and improved visibility has made ZTNA the most valuable capability within Cisco Secure Access for our organization.
What needs improvement?
Overall, Cisco Secure Access has been a strong solution for secure remote access and zero trust security, but there are a few areas where it could be improved. The initial deployment and policy design process can be complex, particularly for organizations with a large number of applications, diverse user groups, and existing security integrations. Defining and fine-tuning access policies requires careful planning to avoid overly restrictive and overly permissive accesses. Another challenge is that troubleshooting access issues can sometimes require navigating multiple dashboards and logs, which can increase the time needed to diagnose problems. While the reporting and visibility features are useful, more streamlined and customizable reporting options would help security and operations teams gain insights faster. We have also encountered occasional learning curves for administrators who are new to zero trust concepts and Cisco policy framework. Additionally, guided information, configuration tools, and simplified policy recommendations could make onboarding easier. These challenges are relatively minor compared to the security, visibility, and management benefits the platform provides. With continued enhancements to usability, reporting, and policy management workflows, Cisco Secure Access could become even more effective for enterprise environments.
One improvement that would make a significant difference for our team would be more intelligent policy recommendation and automation capabilities. As our organization scales, managing access policies across multiple applications, user groups, and devices can become complex. Having AI-driven recommendations that suggest policy optimizations, identify potential misconfigurations, and highlight overly permissive access rules would help reduce administrative effort and improve security consistency. We would also like to see more unified troubleshooting and reporting capabilities. While the platform provides strong visibility, having a single view that correlates user activity, device posture, policy decisions, and access events would help administrators resolve issues more quickly.
For how long have I used the solution?
I have been using Cisco Secure Access for approximately twelve to thirteen months.
What do I think about the stability of the solution?
Cisco Secure Access has been a stable and reliable platform. In our experience, the service consistently provides secure connectivity for remote users, contractors, and hybrid environments with minimal disruption. Our day-to-day operations run smoothly, and the platform has effectively met access requirements across cloud and on-premises environments. From an availability perspective, we have experienced strong and dependable performance. Users generally access a high percentage of resources without connectivity issues, and the cloud-delivered architecture helps ensure consistent service regardless of user location. Overall, it has been a good experience and very stable.
What do I think about the scalability of the solution?
Cisco Secure Access has kept pace with our increased adoption of cloud-based applications without requiring significant infrastructure changes or adding complexity. One of the biggest advantages is the cloud-delivered architecture, which allows us to access applications quickly while maintaining security and user experience. Instead of deploying and managing additional hardware, we can scale through centralized management, which has significantly reduced operational effort. The platform has enabled us to respond to changing business needs, hybrid working conditions, cloud migration, and evolving security requirements. We have been able to enforce consistent access controls across both cloud-hosted and on-premises applications while maintaining visibility and compliance. Performance has remained consistent, usage has increased, and we have not experienced scalability-related limitations. From an administration perspective, the centralized management capability is easy to support without proportionally increasing workload. It has provided the flexibility needed to adapt to changing technology without significant redesign or additional infrastructure investments.
How are customer service and support?
Our experience with Cisco Secure Access customer support has generally been positive. Cisco provides multiple support channels, including a support document knowledge base and access to specialists when needed. For standard issues and configuration questions, response times have been reasonable, and support engineers have demonstrated strong technical knowledge of both the platform and Cisco Secure Access. Another strength of the support has been their ability to assist with our complex deployment involving zero trust implementation, integrations with hybrid environments, and security policy management. During the implementation and ongoing operations, we have been able to leverage Cisco documentation and support resources to use new features more effectively. The critical issues escalation process has worked well, helping minimize our impact. We have also found community resources, including guides and best practice documentation, to be valuable supplements to direct support interactions. While it can vary depending on the specific issue and the support team involved, our overall experience has been positive with Cisco Secure Access support.
Which solution did I use previously and why did I switch?
We previously relied heavily on traditional VPN connectivity for remote access, and Cisco Secure Access has played an important role in our transition toward the ZTNA model rather than providing broad network access through a VPN. ZTNA enables secure access to applications based on user identity, device posture, location, and security policies. The transition has significantly improved both security and user experience. With traditional VPNs, users often received access to a larger portion of the network than necessary, which increased risk and administrative complexity. Cisco Secure Access allows us to grant access only to the specific applications and resources required for the user's role, reducing the attack surface and supporting zero trust. From an operational perspective, the migration has simplified access management and reduced the number of VPN-related support issues. Users experience more seamless connectivity because they no longer need to establish a full VPN session for every task, and administrators can manage policies centrally through a unified platform. We still maintain limited VPN access for certain legacy systems and specialized use cases, but the majority of our remote access strategy now relies on ZTNA. Cisco Secure Access has made the transition from VPN to ZTNA smoother than expected by providing stronger security controls, better visibility into our user activity, simplified administration, and a more consistent experience for remote and hybrid workers.
How was the initial setup?
Our experience with Cisco Secure Access pricing and licensing has generally been positive. While the solution is not the lowest cost option in the market, we found that the value provided through security, scalable centralized management, and zero trust capabilities justifies the investment when evaluating the total cost of ownership. It helps reduce the need for multiple standalone security and remote access solutions, which simplified operations and improved overall efficiency. The initial setup and implementation costs were largely associated with planning, policy design, integration with identity providers, and migration from existing remote access technologies. Like most enterprise security platforms, deployment requires careful preparation and stakeholder involvement, but Cisco provided sufficient documentation and support resources to make the process manageable.
What was our ROI?
We have seen a measurable return on investment from Cisco Secure Access, both from a security and operational perspective. One of the biggest benefits has been the reduction in administrative effort through centralized policy management and automated access controls. We estimate that tasks related to user provisioning, access modifications, and policy administration require approximately twenty-five to thirty percent less effort compared to our previous approach. We have also seen a noticeable reduction in access-related support tickets as users experience more reliable and streamlined connectivity through the zero trust model. This has allowed IT and security teams to spend less time troubleshooting remote access issues and more time focusing on strategic initiatives. Incident investigations and resolution times have improved as well due to better visibility into user activity, application access, and network performance. From a financial perspective, Cisco Secure Access has helped us consolidate several security and remote access functions into a single platform, reducing operational complexity and minimizing the need for additional infrastructure. The cloud-delivered architecture also lowers maintenance requirements compared to managing traditional remote access solutions. Overall, the combination of improved security, faster onboarding, and reduced administrative workload, fewer support issues, and better operational efficiency has delivered a strong return on investment. While the exact savings vary by organization, the productivity gains and the risk reduction have more than justified the investment for us.
What's my experience with pricing, setup cost, and licensing?
Before adopting Cisco Secure Access, we primarily relied on traditional VPN-based remote access solutions combined with supporting security tools for web filtering, access control, and visibility. While the hub approach met basic remote access requirements, it became increasingly difficult to manage as our workforce became more distributed and our cloud adoption increased. We decided to move to Cisco Secure Access because we wanted a more modern, zero trust architecture that could provide secure identity-based access to applications rather than broader network-level connectivity. The previous solution required more manual management, offered limited visibility into user activity, and created additional complexity when supporting employees, contractors, and third-party partners. Cisco Secure Access stood out because it combined ZTNA, secure policy enforcement, threat protection, and centralized management with user experience monitoring within a unified platform. The ability to apply consistent policies across cloud and on-premises resources improved visibility and reduced reliance on traditional VPN infrastructure, making the transition compelling. Since making the switch, we have improved security, reduced administrative workload, enhanced our user experience, and gained better insight into application access and network activity. The move has also supported our broader zero trust and hybrid work initiatives, making Cisco Secure Access a better fit for our long-term security strategy.
Which other solutions did I evaluate?
We conducted a thorough evaluation of several secure access and zero trust solutions before selecting Cisco Secure Access. The products we considered included Zscaler Private Access, Alternate Network solutions, Netskope, Microsoft-based security, and remote access solutions that align with our existing cloud strategy. Our evaluation focused on several criteria, including zero trust capabilities, ease of deployment, visibility into applications and activity, integrations with existing security investments, scalability, reporting, and overall user experience. We also assessed each vendor's ability to support hybrid environments that include both cloud-hosted and on-premises applications. Ultimately, Cisco Secure Access stood out because of its strong combination of ZTNA functionality, unified policy management, cloud-delivered security services, AI-driven insights, Thousand Eyes integration for digital experience monitoring, and compatibility with broader security ecosystems. We also valued the ability to manage security policies consistently across remote users, branch locations, and private applications from a centralized platform. While the competing solutions offered strong features in specific areas, Cisco Secure Access provided the best overall security, visibility, operational simplicity, and long-term scalability for our requirements. The platform blended well with our zero trust strategy and offered a path for future required architectural changes.
What other advice do I have?
My biggest piece of advice is to approach Cisco Secure Access as a strategic, zero trust initiative rather than simply a replacement for traditional VPN technology. Organizations get the most value when they take the time to understand application requirements and security objectives prior to deployment. Having a sound access strategy and well-crafted policy creation makes it much easier to maximize both security and user experience. I would recommend starting with a phased rollout, beginning with a simpler group of users and application policies, gathering feedback, and then expanding gradually. This approach facilitates smoother implementation and wider adoption. Another key takeaway is to take advantage of the platform's features, including digital experience monitoring through Thousand Eyes and centralized policy management.
Overall, Cisco Secure Access has been a valuable component of our security strategy. The platform has modernized our approach to secure connections by supporting zero trust, improving user and application access, and reducing our dependence on traditional VPN-based remote access. We have benefited from centralized policy management, strong security controls, digital experience monitoring capabilities, and the ability to deliver a consistent experience for remote and third-party users. Continuous use of Cisco Secure Access has provided the flexibility and scalability needed to support changing business requirements without adding operational complexity. The overall benefits have far outweighed those challenges. If I were to summarize the platform in a few words, I would describe it as secure, highly reliable, and aligned with modern zero trust strategies. For organizations looking to strengthen security while managing a distributed workforce, Cisco Secure Access presents a strong option with both operational and security value. I would rate this solution a nine out of ten.
Which deployment model are you using for this solution?
Hybrid Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Microsoft Azure