Today, I’m thrilled to announce that Cisco Secure Access – the foundation to securing connectivity to all applications across your hyper-distributed environment – is generally available. With Cisco Secure Access, your end-users can do their best work, securely accessing any application (web, SaaS, or private) with one experience, from anywhere.

Announced in June at Cisco Live – customer reaction has been consistent, strong, and positive.  Their enthusiasm and intense interest sparked robust customer engagement and fostered order momentum. With points of presence (POPs) and customer trials across all regions – Americas, EMEA and APJC – we are promoting the general availability of the service.

Cisco Secure Access is an evolution of Cisco Umbrella Secure Internet Gateway (SIG), our premier cloud-delivered security solution for secure internet access. Cisco is developing a ‘step-up’ program to enable existing SIG customers to take advantage of the expanded services, including the new ZTNA and VPNaaS capabilities.

What are we solving for?

Let’s just say it. Securing hyper-distributed environments is difficult and complex, with users working virtually anywhere and accessing a plethora of resources across the internet, public SaaS apps, and private apps, in data centers and the cloud.

Forty-three percent of surveyed IT/security leaders report that remote/hybrid workers represent the greatest security risk. And approximately fifty percent of those same leaders cite a variety of reasons why workers are frustrated with application access.[i] Those go hand in hand and contribute to unacceptable levels of risk.

Customers need a smarter way to manage connectivity from anything to anywhere, while simultaneously protecting against savvy, sophisticated attackers. They want broad application of zero trust principles to increase granular control and security. And they want to lower IT complexity and reduce security tool sprawl. In short, they want security that’s better for users, easier for IT, and safer for everyone.

However, technology alone cannot sufficiently answer these persistent challenges. Minimizing risk in modern security environments also depends on empowering an exceptional user experience and addressing IT complexity and inefficiency.

Cisco’s new-age approach to SSE – Cisco Secure Access

While many vendors promote Security Service Edge (SSE) solutions, most offer a collection of disparate components requiring multiple consoles and agents. This simply shifts the complexity problem to the cloud.

Cisco has been converging cloud-native security functionality for many years and has taken a holistic approach to SSE. Our single console is powered by a modern, zero trust focused architecture to deliver pin-point control and least privileged access to the entire spectrum of applications. The fully unified set of core SSE capabilities include zero trust access (ZTA), secure web gateway (SWG), cloud access security broker (CASB), firewall-as-a-service (FWaaS).

Cisco has extended well past the core to also include DNS security, Remote Browser Isolation (RBI), multi-mode Data Loss Prevention (DLP), Digital Experience Monitoring (DEM) insights, VPN as-a-Service (VPNaaS), as well as multiple AI security elements into an elegant solution with a single subscription. Our frictionless private app access delights end users. They just login and get to work. The benefits of least privilege and zero trust enforcement, single console, and a single agent empower the IT team to block more threats with less effort. The result is a solution that mitigates risk and drives higher productivity for both users and the IT team.

Why Cisco Secure Access?

Zero Trust Access (ZTA) Relay: Cisco’s comprehensive ZTA private access technology enables organizations to break through the traditional limitations of rigid first generation ZTNA solutions. Secure Access utilizes new, high efficiency protocols (MASQUE and QUIC) and relay technology. This enables hyper-granular zero trust control, bi-directional obfuscation, and improved performance while reducing resource exposure and protecting the full spectrum of private applications.

Single agent: One easy to manage agent empowers a broad set of security functions to simplify the security process for managed devices. Zero trust-powered clientless access extends least privilege controls to BYOD and contractor devices.

Single console: One unified console makes it easy to configure the broad set of Secure Access functions. One policy engine reduces the effort to secure internet, SaaS, and private app access. Consolidated reporting improves detection and reduces investigation time. All these capabilities are supported by a modern, high speed, hybrid POP model that provides global coverage and rapid expandability.

Artificial intelligence: Cisco has embraced AI and machine learning to turn the massive Talos threat intelligence telemetry into faster incident detection and stronger protection against both existing and emerging attack tactics. At the same time, we provide control and security for your users and data when they access AI applications. You can detect and block the use of specific AI apps. Additionally, you can apply DLP policies to protect sensitive data such as intellectual capital and source code when users are accessing public AI services.

If you want to reduce risk in your distributed environment, while increasing user productivity and empowering IT with a new level of control and efficiency, visit Cisco Secure Access. Start your journey today.


[i] “Keys to Successful SSE: Supporting User Experience, IT Efficiency, and Security Efficacy, Enterprise Strategy Group (ESG), September 2023

We’d love to hear what you think. Ask a Question, Comment Below, and Stay Connected with Cisco Secure on social!

Cisco Secure Social Channels



Jeff Scheaffer

Vice President Product Management, Security Service Edge (SSE)

Security Business Group