What needs improvement with Cisco AnyConnect Secure Mobility Client?

The security of the product has certain shortcomings, making it an area where improvements are required.

All Cisco equipment tends to be expensive compared to newer options from other vendors. Moreover, there are some limitations, like the AnyConnect not being supported on all platforms. For example, it doesn't work with some Android versions. We don't use those features, but it's something to consider.

One improvement could be ensuring better backward compatibility. Occasionally, I have faced issues where older versions didn't work seamlessly with the latest VPN version, requiring a downgrade for compatibility. Otherwise, the auto-setup feature is convenient, and speed/resource usage hasn't been a problem.

There is a speed limit for VPNs because of the encryption. That could be improved.

There is no room for improvement from my end, and there is a substantial amount of features. However, the company has a limited time period after which I can’t access the resources hindering my work capabilities. Also, the stability is highly dependent on the Internet connection. If the Internet connection is not stable, it will create a disturbance when using the resources.

The solution could improve the setup, it is complex.

The clientless posture can be improved or enhanced. The deployment of upgrades can be improved as well.

I would like a faster connection from the solution.

This solution doesn't address the seal of trust as a concept for a traditional VPN clients. I think that it is a dying product. The company should try to catch up with their competitors like Palo Alto and Check Point, because they're falling behind.

The solution's performance and stability are average. The licensing model is expensive.

The deployment of the agent software for the final customer could be simpler and more helpful.

I haven't found there are any shortcomings in the product. For how I use it, it works well.

I'm not noticing any missing features. Most of the organizations are currently using Microsoft's Stack or Google Stack, so I don't think they need to build another product to do that.

It could be more efficient on the user side. We would like it to be simpler to get clients connected. You do need technical expertise to set up the product. We have faced some connectivity issues.

The solution should not rely on tokens from the mobile application for logins. If you don't have your phone handy, you can't log in. Email notifications or another single sign-in method would resolve this issue.

At times, the login process takes a lot of time. If your network is a bit weak, on the weak side, it gives you a lot of trouble. That is one negative that I've experienced about it. It is highly dependent upon the network connectivity, even a minor network disruption. While other applications do work a bit slow, they do work. However, I have faced significant issues with Cisco whenever there are some little network issues.

The solution is great, but perhaps the security could be improved.

There is nothing they need to improve at this moment.

An area for improvement is that sometimes when you disconnect or switch from one wireless network to another, it's necessary to re-login.

I wouldn't want anything to be improved per se. It is reliable without any errors, and the configuration is easy. However, when different configurations need to be completed, we need to get in touch with Cisco Technical Assistance Center because we don't have enough documentation on the website. In terms of additional features, it would be good to have some improvements to the quality of service. For example, if somebody on your VPN wants to have a Google meeting or WebEx call, they should be given priority traffic.

If there's any cloud version available, instead of on-premise, that would be ideal. That's one thing that could be helpful.

I would like there to be more license consuming data. We don't have the correct visibility to see the quantity of licenses we are consuming or not consuming. Some of my clients complain about that. For example, they buy 1,000 licenses and cannot see if they are using 1,000 licenses or not.

We receive updates frequently, I think that could be reduced.

The GUI really needs to be upgraded. If you want to use the solution, you have to be comfortable with the CLI. In addition, we have quite a lot of bug issues that need to be resolved.

There are times the WiFi connectivity has disruptions and you have disconnections. It doesn't work with two connections. I have two switches back and forth sometimes. It doesn't have a failback scenario feature. However, on the gateway side, it does, but on the user device, it doesn't have that kind of option. It would be nice to have this feature. When a connection is from company to company using a VPN from the customer's network, it doesn't allow you to connect. It doesn't allow you connection if are on a secure internal network. It doesn't allow you to connect. this is a difficulty because sometimes customers are saying we have to get connected through VPN to a specific network for a specific meeting for one reason or another.

I would like to see improvements in regards to the connectivity speed.

Cisco AnyConnect Secure Mobility Client could improve by optimizing the use of the system resources, it is heavy on the resources. Additionally, there could be more transparency.

The Cisco AnyConnect Secure Mobility Client is easy for end user to use. However, it can be difficult for the developer or solutions engineer to use because you need to have the infrastructure in place first. This is to do with key validation, certificates, and domain trust. The setup could be simplified for solutions engineers with a wizard.

I think, in general, most of the applications are slow, but this is everyday stuff. I think this is more related to the link speed — the links, the lossage, etc.

All I care about is being connected and I know that we've run into versioning issues in the past.

There is one very specific improvement that could be done regarding users logging in. When a user logs in with an expired password we did not know that the password reset function would prompt them for a new password and this system was able to be deployed on this solution. For 10 years, every 30 days, the salespeople who did not want to go inside and reset their password at the 29-day mark, would call me up and have me reset their password for them to gain access. Additionally, it would be beneficial to have at the level that I am at, the ability to sign in to this solution before you log in to the Windows environment without having to upgrade the license. This should be included in the full packages. Alternatively, when Cisco notices customers do not have this feature turned on they could call up its customers and inform them they do not have it turned on and could walk them through how to do it. It turned out to be just two lines of code to accomplish the task. In our case, during any of the interactions with Cisco over the years, they could have just mentioned to us this feature that would have real value-added to your employees. We do have a CCNA in-house and he did not realize that he could turn that feature on very easily. The white paper was probably available, but since our network administrator did not know about it, he never suggested setting it up. In an upcoming release, there should be better reporting capabilities, this is something that is available in premium packages, or if you were to get a Cisco ISE. Essentially, the upgraded reporting shows a live version of what is going on, but it does not show you historical information unless you hook it up to a SCIM, Cisco ISE, or Cisco ACS. This should be included in all packages and you should not have to upgrade or purchase other solutions.

Cisco AnyConnect Secure Mobility Client would be perfect if it weren't for the fingerprint feature. I don't know how it will read my fingerprint on my computer.

I think that the addition of single sign-on functionality would be helpful.

Even when your internet speed is good, once you connect to the VPN the speed gets automatically reduced, which is worrisome. If there was an autosave password then it would have been much easier to connect. By default, Cisco AnyConnect does not update to the newest version automatically and you can't change the setting to auto-update unless you are signed into the tool. Our company had stopped allowing an older version to connect, so staff that didn't have the auto-update setting enabled were still on the older version and couldn't sign in to update to the newest version. To fix this, they would have to have their IT support team come out and uninstall the old version then download and install the newest version.

Sometimes when you are on the VPN, it can be a little bit slow. This may not be a Cisco issue, per se.

The configuration from the client-side would be useful. Right now, it's not centralized. There should be a lock so that it can only be configured from one place. The solution could use some sort of graphic interface or some kind of monitor to showcase the current network to help visualize the information.

The solution needs to add more options for clients. There are too many VPN endpoints. It's not easy to switch between endpoints, which affects scalability. It's difficult to change profiles. There are no menu buttons or checkboxes to make simple changes on the solution. It would be very simple to just add something in the menu to make account changes quick and easy. The setup is a bit difficult to handle on the server-side.

Configuring the solution could be simplified. You tend to spend a bit of time on it right now. It could be made easier with better UI. All of the backend configurations are command-line and it's not helpful. It takes a little bit of effort to get the system up and running. There's a lot of newer technologies that are displacing all of the VPN technologies. The solution could benefit from having a defragmenter and should offer Mac-based device control. Behavior analytics and other newer technologies should be integrated into the solution.

There are situations where the connection drops, and you may not even be aware of it until you try to do something critical. The reconnection feature can be improved. In the next release, I would like to have a connection alert or a pop up that could tell you that you have been disconnected. It would be an improvement to include a better interface and integration with other vendors.

I have been working with the same interface for the last ten years. I would say that it needs some improvements made. From the perspective of an end-user, It could be more attractive and a graphic interface would be better. It's a problem having to balance the number of licenses with the number of physical users. In the next release, I would like to see better graphics in the interface.

Every two weeks there was a new version to install which was annoying for the users. The price should be lower.

Often, there are new versions to install and that can be annoying for our users. Having to deal with a new version every two weeks is a bit overdone. It would be useful to have an automatic install process where if you connect and you don't have the latest version, it should be automatically done.

The hotspots give me connectivity issues occasionally. It could be easier to use if it allowed me to choose the hotspot.

The interface could be a little more modern looking and it would be nice for other users if it had easier integration. Another point of improvement is that it is easy to forget that you are in a private network and it does not log you out automatically. I did not see that there is an option for that. It should log you out after a certain point. You can forget that you are browsing a private, local network. The logout should be automized and it should have a reminder that you have logged in into a private network.

Sometimes I need to connect with Cisco AnyConnect and I don't have access to a Windows machine, so I need to run the client from a Linux machine. If I recall correctly, the last build for the Linux was five or six years ago. So, sometimes it happens that I have this issue with not being able to use Cisco AnyConnect just because I'm forced to use a Linux machine, and the client is very old and it doesn't connect to the current version they're running on the servers on which I want to connect, even though it should be compatible with the old version I have. It's not really an issue from our side, though, because at the end of the day I always find the solution of connecting through a Windows machine but this requires at some point to connect through the VPN. I connect a Linux machine to a Windows machine, the Windows machine to one in the AnyConnect lines product just to connect to yet another Windows machine, which in turn I need to connect on a Linux machine, because in most cases, the actual servers around the world, the vast majority of them are running on Linux. If they could simplify connections via other machines, like Linux or Mac OS X, it would be helpful.