A more granular license approach would be beneficial, allowing customers to grow with half a module or one module at a time and add on the CASB, the DNS security, or the ZTNA. If they can do it granularly and grow slowly, I think that would be really advantageous for the sales process. The license model can be simplified; it is a bit tricky to understand exactly which licenses you need. The cost was pretty expensive but also pretty reasonable, and if the cost could be brought down a bit, that would make it a much more attractive product for the Swedish market. Customer support is decent; it is slowly getting better now with the new NIS2 and cybersecurity laws that are being implemented.
Head Of IT at a non-profit with 501-1,000 employees
Real User
Top 20
Feb 11, 2026
Regarding Cisco Secure Access, there are some areas that are not positive. Dedicated IP addresses for Cisco Secure Access platform took quite a while to obtain, and the process can be streamlined and improved. Issues arise because everyone is coming off a single IP address and sites such as YouTube think there are bots, asking to verify or just blocking access. When this was raised with Cisco, the official response was that accounts need to be signed up for or Gmail accounts created, with nothing that can be done on Cisco's side as it is on the end website. This is somewhat understandable, but those relationships should exist between large organizations. For instance, when presenting a PowerPoint with an embedded YouTube video, it suddenly says it cannot verify identity, causing issues for all levels. Three or four people come to the service desk every week with this issue, and the response is to use a generic Gmail account or sign up independently, which is probably not adequate. Another issue has been with VPN profiles. When creating different VPN profiles, the underlying infrastructure has had to be replicated or provided, such as another RADIUS server for authentication. The whole VPN profile side of things can be improved for different subsets of users, such as guests or people who bring their own devices. Different profiles are wanted for different user bases, and it is quite complex on Cisco Secure Access to set all that up at the moment. Historically, with ASAs or Check Point firewalls, VPN profiles could be set up quite easily and what they had access to and what they did not have access to could be limited. There is interest in seeing how it can further integrate with Cisco Identity Services Engine because there is scope there to allow people on the environment via the VPN, but also restrict what they can access or not based on their profile. Those two can work a bit closer together.
Network Technician at a tech services company with 501-1,000 employees
MSP
Top 20
Feb 11, 2026
I think Cisco Secure Access can be improved, but as I said, I'm still new in this field, so I can't say something now. I plan to improve my skills more and gain more experience, and maybe I can send them an improvement by mail or something similar. I do not have more to add about the needed improvements.
Manager, Infrastructure Services at a energy/utilities company with 1,001-5,000 employees
Real User
Top 10
Feb 11, 2026
One area that needs improvement with Cisco Secure Access is the ZTA policy itself, which is lacking because it is limited to one policy for one target. If I have multiple policies I want to apply to a multiple group for the same target, I cannot do it, which is very limiting.
Network Security Manager at Gamma Telecom Infrastructure
Real User
Top 20
Feb 11, 2026
If I could improve Cisco Secure Access in any way, it would be with Meraki integration; we do a lot with Meraki SD-WAN, and while the functionality is coming, currently it is not an Auto VPN integration, but I know it is now in public preview, and we have started to have a look at it in the lab. That is key for us because we have had a lot of problems with the VPN from Meraki into Cisco Secure Access, especially since local breakout does not work if you are running BGP over the VPN. Auto VPN functionality would be a big improvement. The other issues we are having are around Talos and content filtering functionality; the Talos database is insufficient because Cisco Secure Access web gateway database is not big enough to hold every URL, leading to numerous problems with URLs not being categorized correctly and a slow turnaround for recategorization requests. Therefore, improvements with content filtering and Talos integration are significant for us, and we are speaking regularly to the Cisco teams about this. Another significant issue involves a parent-child problem we have with the URLs; if they match multiple URL categories, then the rule base only looks at the first category, so it does not match multiple categories, resulting in a lot of problems around the Talos content filtering integration.
Senior Manager at a retailer with 10,001+ employees
Real User
Top 20
Feb 11, 2026
I do not think there is anything I would improve about the product other than the support issue. I know there are various integration things when it comes to SASE, and Cisco Secure Access is one of the products that will help us in that journey. We have many Cisco routers and there is more we can do with the product, but we have not been able to use it to its full capacity yet, which is one of the plans we are working towards for this year.
Cisco Secure Access could be improved with fewer bugs; we need to address less software bugs, as there are technical issues and errors in the software, which we are trying to resolve to achieve a more stable version that companies can use without issues, but it is a working process, and we understand this.
Cisco is expanding Cisco Secure Access by protecting AI, especially the AI agent. This has been announced in the keynote this week. I am looking forward to knowing what Cisco is doing about protecting agentic AI. Cisco Secure Access is one of the best products to provide these kinds of capabilities because of the flexibility of the deployment and the ease of installation. It is quite pervasive because it reaches and protects the user wherever they are. For the agent, this is quite a crucial requirement. For AI, I believe this capability is still in the roadmap for Cisco Secure Access. It should be announced possibly in the second quarter. This is something that, if asked how Cisco Secure Access can be improved, I would say the capability to protect agentic AI is a key improvement area.
Solution Architect at a financial services firm with 1,001-5,000 employees
Real User
Top 20
Feb 11, 2026
To improve Cisco Secure Access, I would suggest simplifying the need for different components that Cisco has tried to implement; for example, to have Cisco Secure Access, it is necessary to have AnyConnect, ISE, and Duo, meaning there are various products that need to integrate to achieve the same result, unlike the all-in-one compact products from other vendors. Inside the Cisco ecosystem, to have Cisco Secure Access, you need several components, which are different products; integrating these Cisco products for the zero trust network presents the main problem, especially since we have many applications that are on-premises, and for the latest version of Cisco Secure Access, the traffic must go to the cloud and then come back to access on-premises applications, creating delays and performance concerns.
Manager, Network & Security at a financial services firm with 10,001+ employees
Real User
Top 5
Feb 11, 2026
From a licensing perspective, there could be some enhancement. What I have observed from Cisco regarding licensing and pricing is that there are multiple license tiers, whether Essential, Advanced, or multiple layers of licenses. This creates confusion about which license type we need and which type this product requires. Some clarity or enhancement in this area could provide greater visibility and peace of mind.
Junior Information Technology Consultant Security at a tech services company with 10,001+ employees
Real User
Top 5
Feb 11, 2026
I am not using the AI assistant feature for Cisco Secure Access because it is not working properly. Sometimes if you write something very basic such as where can I find the connectors, it responds to go there. However, as soon as I target a specific case, it responds that it is unavailable at the moment. Regarding the AI Access feature, I would say it has room for improvement. It is not bad; it is good, but it could be better. In general, I think Cisco Secure Access can be improved. I have worked a lot with Cisco Secure Connect, which is very intuitive and easy. With Cisco Secure Access, things are very complicated. Everybody who has experience with Cisco Secure Connect and touches Cisco Secure Access responds with surprise and confusion about why this is needed and where to find things. I believe there is room for improvement. You have workflows, which is already good, but you can push the workflows even more. It is just the basics, and workflows with really specific problems and specific instances would be good.
Network Security Engineer at IT-Services der Sozialversicherung GmbH
Real User
Top 10
Feb 11, 2026
There may be features that need further development, such as AI or integration with other products, but I cannot provide specific recommendations for improvement.
Product Owner at a retailer with 10,001+ employees
Real User
Top 10
Feb 11, 2026
Cisco Secure Access is good, and I feel nothing more is needed for improvement. I chose a rating of nine out of ten because of the zero downtime, but that is nearly not possible, and I cannot tell you what to do better.
Cyber Security Manager at a non-profit with 501-1,000 employees
Real User
Top 10
Feb 11, 2026
To improve Cisco Secure Access, I believe there should be better clarity from Cisco regarding where organizations should focus their investments. When we onboarded a year ago, we fully adopted the VPN client; in hindsight, we might have done a split focusing more on ZTNA. The direction felt unclear at the time, and after attending two or three Cisco Lives, it seems ZTNA is the main focus, yet Cisco does not provide adequate guidance on best practices that align with other organizations. There is a noticeable gap in engagement from customer success managers about upcoming features and tools. Additionally, integrating with other third parties is essential; I see limitations in our Cisco XDR platform's integrations, and consolidating everything into a single pane of glass would greatly enhance visibility. Although AI Canvas is aimed at addressing some visibility issues, they seem to be behind and require more time for development.
Technical Product Owner at a tech vendor with 10,001+ employees
MSP
Top 20
Feb 10, 2026
What we really find challenging is that we do not have granular role-based access control models. The only options we have are full admin or read-only. We have different departments in the company that have different responsibilities. While we as a networking team are full admins, we do not want to manage the policies regarding which websites are allowed and what is not allowed. That should be managed by our compliance team. The granular access issue is coming from the product limitation at the moment, as it does not offer us the option to tell it that a particular role can only manage websites, allowed sites, and blocked sites. Categories or something similar are not possible. If I had to improve the product, that would definitely be role-based access control. Though from another point of view, this limitation may also be a benefit because it forces us to implement our own front-end to use API calls. Using API, you can limit the access to that particular key.
Ts Senior Technical Consultant at a tech vendor with 10,001+ employees
Consultant
Top 10
Feb 10, 2026
In terms of usability and efficiency, the multi-organization management capability of Cisco Secure is robust. I believe Cisco Secure Access can be improved by changing some features, enhancing the user interface, and streamlining reporting.
I am not using the AI assistant feature of Cisco Secure Access much yet. I think it is a little bit limited right now. This is something that can be improved, and I think it will be. I hope there will be a good way to transform Umbrella installations over to Cisco Secure Access to improve the transition. I have not looked much into that part yet, but I hope there will be a smooth transition. Otherwise, that is an improvement that needs to be made.
Deputy CISO at a transportation company with 10,001+ employees
Real User
Top 10
Feb 10, 2026
In general, I think features can be improved. We have some issues regarding the routing, regarding some configurations, and so on. But we communicate with local Cisco partners, managers, and engineers, and they always help us to solve these issues. They are trying to push Cisco engineers to improve and develop more features that would be relevant for clients. So in general, I don't have any bad experience.
System Architect at a insurance company with 1,001-5,000 employees
Real User
Top 20
Feb 10, 2026
Cisco Secure Access can be improved because, especially for administrators or troubleshooting, it would be beneficial to have more detailed GUIs with more logs. Currently there is very minimal information, so it would be helpful if there were more detailed information, particularly for administrators and troubleshooting.
In general, what can be improved about this solution is to not change the name of everything every year, as Cisco marketing are experts at making changes to everything, and I don't understand what this is; that was the AnyConnect VPN, and now it's Cisco Secure Access, and what's tomorrow? I would suggest trying to keep the names of products and services for some years.
System Engineer & Principal at a insurance company with 1,001-5,000 employees
Real User
Top 10
Feb 9, 2026
I am not using the AI assistant feature of Cisco Secure Access at this time. I am not sure about using the VPNaaS in Cisco Secure Access, as in SSE, I am functioning as an end-user and I assist the guys who are implementing it. My part was mostly determining what ports are needed and what servers connect to on-premise and need to work with them. The implementation of this solution was quite easy. I do not use ZTNA in Cisco Secure Access. I have not used the Experience Insights feature of Cisco Secure Access, as I am not involved with it. It is just the underlying platform. I am implementing the voice features on it. I can speak from my opinions and insights on what I observed when implementing UC above the platform. It was quite good and acceptable. I have not used the multi-organization management capability of Cisco Secure Access, so I cannot describe its usability and efficiency. I come from a user perspective and user experience, because I am responsible for the UC clients which are working with the platform. From that, I can say it was quite easy to implement it and to bring the systems to work with SSE. However, I am not deeply involved in the capabilities of SSE.
I sold ThousandEyes and had done proof of concepts. ThousandEyes is a good product. However, the major flaw for ThousandEyes is the way they are calculating and giving the costing to the customer. The way the units consumption pricing is structured is not that great. That is the biggest flaw, and that is where people are not adopting it. The success rate of ThousandEyes when going with a digital monitoring concept is that it will address from endpoint to the application level and cover all domains. However, the way you are structuring your pricing with respect to the consumption of the units is a major issue. The pricing structure is not good in ThousandEyes. Apart from this, it is a good product. It can identify the issues related to an endpoint, if it is a remote user, if it is an internet issue, or if it is an application issue. The HTTP response time and latencies, everything it is giving. However, when a customer is trying to adopt it, the pricing structure is not good.
From a feature perspective, I have not experienced any issues, drawbacks, or shortcomings. However, the cost of Cisco's products and licensing is high. My clients usually prefer cheaper options if possible. Mid-size or smaller businesses typically cannot afford Cisco Secure Access. Additionally, there is a steep learning curve, as it is very intensive. Someone with significant knowledge can work on it, but a new professional would have to spend considerable time to get accustomed to it. It is hard to find engineers who can work on it. Overall, we get what we pay for, as it is a pretty good feature and service. The pricing of Cisco's products and licensing is higher than competitors. If they could be more reasonable, that would help. The support offered for two years also has higher costs. Overall, the client's IT budget gets affected. It was challenging to learn because, as mentioned, it has a significant learning curve and requires considerable training to become proficient.
From a feature perspective, I have not experienced any issues, drawbacks, or shortcomings. However, the cost of Cisco's products and licensing is high. My clients usually prefer cheaper options if possible. Mid-size or smaller businesses typically cannot afford Cisco Secure Access. Additionally, there is a steep learning curve, as it is very intensive. Someone with significant knowledge can work on it, but a new professional would have to spend considerable time to get accustomed to it. It is hard to find engineers who can work on it. Overall, we get what we pay for, as it is a pretty good feature and service. The pricing of Cisco's products and licensing is higher than competitors. If they could be more reasonable, that would help. The support offered for two years also has higher costs. Overall, the client's IT budget gets affected.
Managing Cisco Secure Access in a single cloud management console is moderate in difficulty. Technical skills or an understanding at a base level or moderate level are needed to make it work, configure, and integrate it. The difficulty level is somewhere between easy and difficult.
Systems Architect at Realtime Technical Solutions, LLC
Real User
Top 10
Sep 8, 2025
Cisco does a decent job with logging. Sometimes you may need to tweak a few settings, but with their more recent products that support Python and Java among others, you now have more programmatic control in the latest versions of IOS. If the FTD devices themselves, the Firepower Threat Detection system, those are the firewalls themselves, the individual appliances, weren't so tightly coupled to FMC, I'd probably appreciate them as a product more. The learning curve was a little higher just because it's a large departure from their original ASA devices. If they could be managed individually as easily as they can be managed through FMC, I'd probably be a bigger fan.
Senior Presale Consultant at Bridgenet Solutions Sdn Bhd
Consultant
Top 20
Aug 12, 2025
My personal thinking about Cisco Secure Access is that because I'm also catching up on this solutioning, I'm not really seeing any improvement because I'm still learning. So far, it's good; I do not have any comment on this. Regarding features about the UI, the pricing, and the learning curve of Cisco Secure Access that can be improved, the AI is already embedded in the solution. Because I haven't explored much and am not an expert, the features might be there, but I haven't tested them out. When it comes to thoughts on the pricing, setup cost, and licensing cost of Cisco Secure Access, I cannot comment as I only did SSE for Cisco and did not have experience with other products. In terms of price comparisons, I cannot provide much insight. The more competitive the pricing for Cisco Secure Access becomes, the better it would be for customers.
Cisco Secure Access can be improved with more integration; the more integrations, the better. There are always third-party products that you might have, such as Carbon Black.
Director, Network Services at a healthcare company with 10,001+ employees
Real User
Top 10
Jun 9, 2025
This is my first time in healthcare after being in commercial space for a long time. It's always a challenge because we can't just turn stuff off as we could in the commercial space, since it may interfere with patient care. It takes longer to understand what's going on, so anything that could help give us a faster understanding of what's happening, why it's there, and if it's a risk to us would be helpful. We don't have any good tools right now, which is a problem.
In my opinion, Cisco Secure Access could be improved by potentially incorporating features that other brands have been using. I see benefits from features offered by competitors, which could enhance the Cisco experience if adapted thoughtfully.
At this moment, I am unable to comment on areas for improvement as we are just starting to work with the solution. However, I find that the complex procedure for raising support tickets is a significant drawback. Previously, sending an email would automatically create a ticket, but now it requires accessing specific portals, making the process complicated.
Pre-Sales Solution Partner at a computer software company with 11-50 employees
Real User
Top 10
Jan 27, 2025
There is a need for improved global coverage since the service relies on the cloud provider's data centers. We are seeking more granular and global coverage to meet our demands. Modernization is needed, specifically in the enhancement of security features and functionality. Utilizing AI-oriented features is also important, considering what other vendors offer and their marketing strategies.
Cisco Secure Access is a comprehensive Security Service Edge (SSE) solution (a key component of a SASE solution) that addresses the complexities of securing a hybrid enterprise. Cloud-delivered and grounded in zero trust, it delivers a unique blend of user simplicity and IT efficiency for frictionless, secure access to all applications—SaaS (with gen AI), private apps, and the internet—regardless of user location or device. Secure Access protects users, data, and devices against relentless,...
A more granular license approach would be beneficial, allowing customers to grow with half a module or one module at a time and add on the CASB, the DNS security, or the ZTNA. If they can do it granularly and grow slowly, I think that would be really advantageous for the sales process. The license model can be simplified; it is a bit tricky to understand exactly which licenses you need. The cost was pretty expensive but also pretty reasonable, and if the cost could be brought down a bit, that would make it a much more attractive product for the Swedish market. Customer support is decent; it is slowly getting better now with the new NIS2 and cybersecurity laws that are being implemented.
Regarding Cisco Secure Access, there are some areas that are not positive. Dedicated IP addresses for Cisco Secure Access platform took quite a while to obtain, and the process can be streamlined and improved. Issues arise because everyone is coming off a single IP address and sites such as YouTube think there are bots, asking to verify or just blocking access. When this was raised with Cisco, the official response was that accounts need to be signed up for or Gmail accounts created, with nothing that can be done on Cisco's side as it is on the end website. This is somewhat understandable, but those relationships should exist between large organizations. For instance, when presenting a PowerPoint with an embedded YouTube video, it suddenly says it cannot verify identity, causing issues for all levels. Three or four people come to the service desk every week with this issue, and the response is to use a generic Gmail account or sign up independently, which is probably not adequate. Another issue has been with VPN profiles. When creating different VPN profiles, the underlying infrastructure has had to be replicated or provided, such as another RADIUS server for authentication. The whole VPN profile side of things can be improved for different subsets of users, such as guests or people who bring their own devices. Different profiles are wanted for different user bases, and it is quite complex on Cisco Secure Access to set all that up at the moment. Historically, with ASAs or Check Point firewalls, VPN profiles could be set up quite easily and what they had access to and what they did not have access to could be limited. There is interest in seeing how it can further integrate with Cisco Identity Services Engine because there is scope there to allow people on the environment via the VPN, but also restrict what they can access or not based on their profile. Those two can work a bit closer together.
I think Cisco Secure Access can be improved, but as I said, I'm still new in this field, so I can't say something now. I plan to improve my skills more and gain more experience, and maybe I can send them an improvement by mail or something similar. I do not have more to add about the needed improvements.
One area that needs improvement with Cisco Secure Access is the ZTA policy itself, which is lacking because it is limited to one policy for one target. If I have multiple policies I want to apply to a multiple group for the same target, I cannot do it, which is very limiting.
If I could improve Cisco Secure Access in any way, it would be with Meraki integration; we do a lot with Meraki SD-WAN, and while the functionality is coming, currently it is not an Auto VPN integration, but I know it is now in public preview, and we have started to have a look at it in the lab. That is key for us because we have had a lot of problems with the VPN from Meraki into Cisco Secure Access, especially since local breakout does not work if you are running BGP over the VPN. Auto VPN functionality would be a big improvement. The other issues we are having are around Talos and content filtering functionality; the Talos database is insufficient because Cisco Secure Access web gateway database is not big enough to hold every URL, leading to numerous problems with URLs not being categorized correctly and a slow turnaround for recategorization requests. Therefore, improvements with content filtering and Talos integration are significant for us, and we are speaking regularly to the Cisco teams about this. Another significant issue involves a parent-child problem we have with the URLs; if they match multiple URL categories, then the rule base only looks at the first category, so it does not match multiple categories, resulting in a lot of problems around the Talos content filtering integration.
I do not think there is anything I would improve about the product other than the support issue. I know there are various integration things when it comes to SASE, and Cisco Secure Access is one of the products that will help us in that journey. We have many Cisco routers and there is more we can do with the product, but we have not been able to use it to its full capacity yet, which is one of the plans we are working towards for this year.
Cisco Secure Access could be improved with fewer bugs; we need to address less software bugs, as there are technical issues and errors in the software, which we are trying to resolve to achieve a more stable version that companies can use without issues, but it is a working process, and we understand this.
Cisco is expanding Cisco Secure Access by protecting AI, especially the AI agent. This has been announced in the keynote this week. I am looking forward to knowing what Cisco is doing about protecting agentic AI. Cisco Secure Access is one of the best products to provide these kinds of capabilities because of the flexibility of the deployment and the ease of installation. It is quite pervasive because it reaches and protects the user wherever they are. For the agent, this is quite a crucial requirement. For AI, I believe this capability is still in the roadmap for Cisco Secure Access. It should be announced possibly in the second quarter. This is something that, if asked how Cisco Secure Access can be improved, I would say the capability to protect agentic AI is a key improvement area.
To improve Cisco Secure Access, I would suggest simplifying the need for different components that Cisco has tried to implement; for example, to have Cisco Secure Access, it is necessary to have AnyConnect, ISE, and Duo, meaning there are various products that need to integrate to achieve the same result, unlike the all-in-one compact products from other vendors. Inside the Cisco ecosystem, to have Cisco Secure Access, you need several components, which are different products; integrating these Cisco products for the zero trust network presents the main problem, especially since we have many applications that are on-premises, and for the latest version of Cisco Secure Access, the traffic must go to the cloud and then come back to access on-premises applications, creating delays and performance concerns.
From a licensing perspective, there could be some enhancement. What I have observed from Cisco regarding licensing and pricing is that there are multiple license tiers, whether Essential, Advanced, or multiple layers of licenses. This creates confusion about which license type we need and which type this product requires. Some clarity or enhancement in this area could provide greater visibility and peace of mind.
I am not using the AI assistant feature for Cisco Secure Access because it is not working properly. Sometimes if you write something very basic such as where can I find the connectors, it responds to go there. However, as soon as I target a specific case, it responds that it is unavailable at the moment. Regarding the AI Access feature, I would say it has room for improvement. It is not bad; it is good, but it could be better. In general, I think Cisco Secure Access can be improved. I have worked a lot with Cisco Secure Connect, which is very intuitive and easy. With Cisco Secure Access, things are very complicated. Everybody who has experience with Cisco Secure Connect and touches Cisco Secure Access responds with surprise and confusion about why this is needed and where to find things. I believe there is room for improvement. You have workflows, which is already good, but you can push the workflows even more. It is just the basics, and workflows with really specific problems and specific instances would be good.
There may be features that need further development, such as AI or integration with other products, but I cannot provide specific recommendations for improvement.
Cisco Secure Access is good, and I feel nothing more is needed for improvement. I chose a rating of nine out of ten because of the zero downtime, but that is nearly not possible, and I cannot tell you what to do better.
To improve Cisco Secure Access, I believe there should be better clarity from Cisco regarding where organizations should focus their investments. When we onboarded a year ago, we fully adopted the VPN client; in hindsight, we might have done a split focusing more on ZTNA. The direction felt unclear at the time, and after attending two or three Cisco Lives, it seems ZTNA is the main focus, yet Cisco does not provide adequate guidance on best practices that align with other organizations. There is a noticeable gap in engagement from customer success managers about upcoming features and tools. Additionally, integrating with other third parties is essential; I see limitations in our Cisco XDR platform's integrations, and consolidating everything into a single pane of glass would greatly enhance visibility. Although AI Canvas is aimed at addressing some visibility issues, they seem to be behind and require more time for development.
What we really find challenging is that we do not have granular role-based access control models. The only options we have are full admin or read-only. We have different departments in the company that have different responsibilities. While we as a networking team are full admins, we do not want to manage the policies regarding which websites are allowed and what is not allowed. That should be managed by our compliance team. The granular access issue is coming from the product limitation at the moment, as it does not offer us the option to tell it that a particular role can only manage websites, allowed sites, and blocked sites. Categories or something similar are not possible. If I had to improve the product, that would definitely be role-based access control. Though from another point of view, this limitation may also be a benefit because it forces us to implement our own front-end to use API calls. Using API, you can limit the access to that particular key.
In terms of usability and efficiency, the multi-organization management capability of Cisco Secure is robust. I believe Cisco Secure Access can be improved by changing some features, enhancing the user interface, and streamlining reporting.
I am not using the AI assistant feature of Cisco Secure Access much yet. I think it is a little bit limited right now. This is something that can be improved, and I think it will be. I hope there will be a good way to transform Umbrella installations over to Cisco Secure Access to improve the transition. I have not looked much into that part yet, but I hope there will be a smooth transition. Otherwise, that is an improvement that needs to be made.
In general, I think features can be improved. We have some issues regarding the routing, regarding some configurations, and so on. But we communicate with local Cisco partners, managers, and engineers, and they always help us to solve these issues. They are trying to push Cisco engineers to improve and develop more features that would be relevant for clients. So in general, I don't have any bad experience.
Cisco Secure Access can be improved because, especially for administrators or troubleshooting, it would be beneficial to have more detailed GUIs with more logs. Currently there is very minimal information, so it would be helpful if there were more detailed information, particularly for administrators and troubleshooting.
In general, what can be improved about this solution is to not change the name of everything every year, as Cisco marketing are experts at making changes to everything, and I don't understand what this is; that was the AnyConnect VPN, and now it's Cisco Secure Access, and what's tomorrow? I would suggest trying to keep the names of products and services for some years.
There is nothing about the product itself that I would particularly like to see improved, as nothing comes to mind regarding Cisco Secure Access.
I am not using the AI assistant feature of Cisco Secure Access at this time. I am not sure about using the VPNaaS in Cisco Secure Access, as in SSE, I am functioning as an end-user and I assist the guys who are implementing it. My part was mostly determining what ports are needed and what servers connect to on-premise and need to work with them. The implementation of this solution was quite easy. I do not use ZTNA in Cisco Secure Access. I have not used the Experience Insights feature of Cisco Secure Access, as I am not involved with it. It is just the underlying platform. I am implementing the voice features on it. I can speak from my opinions and insights on what I observed when implementing UC above the platform. It was quite good and acceptable. I have not used the multi-organization management capability of Cisco Secure Access, so I cannot describe its usability and efficiency. I come from a user perspective and user experience, because I am responsible for the UC clients which are working with the platform. From that, I can say it was quite easy to implement it and to bring the systems to work with SSE. However, I am not deeply involved in the capabilities of SSE.
I sold ThousandEyes and had done proof of concepts. ThousandEyes is a good product. However, the major flaw for ThousandEyes is the way they are calculating and giving the costing to the customer. The way the units consumption pricing is structured is not that great. That is the biggest flaw, and that is where people are not adopting it. The success rate of ThousandEyes when going with a digital monitoring concept is that it will address from endpoint to the application level and cover all domains. However, the way you are structuring your pricing with respect to the consumption of the units is a major issue. The pricing structure is not good in ThousandEyes. Apart from this, it is a good product. It can identify the issues related to an endpoint, if it is a remote user, if it is an internet issue, or if it is an application issue. The HTTP response time and latencies, everything it is giving. However, when a customer is trying to adopt it, the pricing structure is not good.
From a feature perspective, I have not experienced any issues, drawbacks, or shortcomings. However, the cost of Cisco's products and licensing is high. My clients usually prefer cheaper options if possible. Mid-size or smaller businesses typically cannot afford Cisco Secure Access. Additionally, there is a steep learning curve, as it is very intensive. Someone with significant knowledge can work on it, but a new professional would have to spend considerable time to get accustomed to it. It is hard to find engineers who can work on it. Overall, we get what we pay for, as it is a pretty good feature and service. The pricing of Cisco's products and licensing is higher than competitors. If they could be more reasonable, that would help. The support offered for two years also has higher costs. Overall, the client's IT budget gets affected. It was challenging to learn because, as mentioned, it has a significant learning curve and requires considerable training to become proficient.
From a feature perspective, I have not experienced any issues, drawbacks, or shortcomings. However, the cost of Cisco's products and licensing is high. My clients usually prefer cheaper options if possible. Mid-size or smaller businesses typically cannot afford Cisco Secure Access. Additionally, there is a steep learning curve, as it is very intensive. Someone with significant knowledge can work on it, but a new professional would have to spend considerable time to get accustomed to it. It is hard to find engineers who can work on it. Overall, we get what we pay for, as it is a pretty good feature and service. The pricing of Cisco's products and licensing is higher than competitors. If they could be more reasonable, that would help. The support offered for two years also has higher costs. Overall, the client's IT budget gets affected.
Managing Cisco Secure Access in a single cloud management console is moderate in difficulty. Technical skills or an understanding at a base level or moderate level are needed to make it work, configure, and integrate it. The difficulty level is somewhere between easy and difficult.
Cisco does a decent job with logging. Sometimes you may need to tweak a few settings, but with their more recent products that support Python and Java among others, you now have more programmatic control in the latest versions of IOS. If the FTD devices themselves, the Firepower Threat Detection system, those are the firewalls themselves, the individual appliances, weren't so tightly coupled to FMC, I'd probably appreciate them as a product more. The learning curve was a little higher just because it's a large departure from their original ASA devices. If they could be managed individually as easily as they can be managed through FMC, I'd probably be a bigger fan.
My personal thinking about Cisco Secure Access is that because I'm also catching up on this solutioning, I'm not really seeing any improvement because I'm still learning. So far, it's good; I do not have any comment on this. Regarding features about the UI, the pricing, and the learning curve of Cisco Secure Access that can be improved, the AI is already embedded in the solution. Because I haven't explored much and am not an expert, the features might be there, but I haven't tested them out. When it comes to thoughts on the pricing, setup cost, and licensing cost of Cisco Secure Access, I cannot comment as I only did SSE for Cisco and did not have experience with other products. In terms of price comparisons, I cannot provide much insight. The more competitive the pricing for Cisco Secure Access becomes, the better it would be for customers.
Cisco Secure Access can be improved with more integration; the more integrations, the better. There are always third-party products that you might have, such as Carbon Black.
The licensing is confusing.
This is my first time in healthcare after being in commercial space for a long time. It's always a challenge because we can't just turn stuff off as we could in the commercial space, since it may interfere with patient care. It takes longer to understand what's going on, so anything that could help give us a faster understanding of what's happening, why it's there, and if it's a risk to us would be helpful. We don't have any good tools right now, which is a problem.
In my opinion, Cisco Secure Access could be improved by potentially incorporating features that other brands have been using. I see benefits from features offered by competitors, which could enhance the Cisco experience if adapted thoughtfully.
At this moment, I am unable to comment on areas for improvement as we are just starting to work with the solution. However, I find that the complex procedure for raising support tickets is a significant drawback. Previously, sending an email would automatically create a ticket, but now it requires accessing specific portals, making the process complicated.
There is a need for improved global coverage since the service relies on the cloud provider's data centers. We are seeking more granular and global coverage to meet our demands. Modernization is needed, specifically in the enhancement of security features and functionality. Utilizing AI-oriented features is also important, considering what other vendors offer and their marketing strategies.
Cisco Secure Access have to improve the security points.