Cisco Secure Access

A modern approach to business resilience and employee satisfaction

Matt Ewens and Ishaan Korotane

EMEA PIW SSE session
October 2023
 • Business challenges ​
• Response to challenges
• Customer priority use cases

Topics • Introducing Cisco Secure

Access
• Capabilities and customer
value
• Why Cisco?

© 2023 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
 Highly distributed and diverse IT landscape
makes secure connectivity hard

41%
Say securing user access to
cloud-based applications and
mobile devices or cloud-based SaaS
solutions is their biggest obstacle Public
Public

SaaS SaaS

86%
See having a consistent
operational model across SaaS
SaaS
on-prem, private cloud,
public cloud, and SaaS as
important Cloud
Private
providers Public

85% Say they value simplicity

when it comes to technology
management
Service
providers

Security
Colocation

Data Things |
Campus Branch User
center IoT/OT

Source: 2023 Global Networking Trends Report, Cisco

Hybrid work
era creates
unmanageable
risk
85%
Not adequately
prepared to handle
Highly distributed environments make cybersecurity
secure connectivity hard threats*

*Source: Cybersecurity Readiness Index – Cisco: March, 2023

© 2023 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Current patchwork approach exacerbates the
problem
More products leads to more complexity within your business and IT environment

Exfiltration
76
Average number of
security tools per
Ransomware enterprise

Lateral movement

Web threats

Stolen credentials
78%
Organizations report that
Spam high number of security
tools is driving
cybersecurity
complexity*

© 2023 Cisco and/or its affiliates. All rights reserved. Cisco Confidential *Source: “Keys to Successful SSE”, ESG global survey. June 2023
Customer top priorities address the challenges

Boost Productivity Optimize Costs Minimize Risk

Empower users to Address inefficiencies Secure your organization
do their best work

© 2023 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
SASE/SSE approach is the technology foundation
Fundamental to your security strategy for a hyper-distributed world

65%
SASE brings networking & security plan on adopting
SSE in next 2
capabilities into a single-service, cloud- years
native model to address today's
challenges.
SASE

Converged set of cloud networking Converged set of cloud security

SD-WAN SSE

© 2023 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Customer priority use cases

Secure Internet Secure Private Security Service

Access Access Edge (SSE)

Internet

+ =
apps Secure Access
Private
apps from anywhere to
SaaS everywhere
apps

© 2023 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Introducing an innovative new
solution:
Cisco Secure Access
Better for users, easier for IT, and safer for everyone

© 2023 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Cisco Secure Access
Modernize your defense with converged cloud security grounded in zero trust

Better for Users Easier for IT Safer for

Empower their best work
with a frictionless
Lower cost and
increase
Everyone
Reduce risk and improve
user experience efficiencies
business resilience

Imagine cybersecurity that’s

safer and easier for everyone

© 2023 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Introducing Cisco Secure Access
Modernize your defense with converged cloud security grounded in zero trust

Remote users Web

Cisco Secure
Access
Most complete security service
Managed and edge (SSE) solution accelerates Public SaaS
unmanaged devices apps
your SASE journey

IoT devices Private apps

From anywhere To anything

© 2023 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Go beyond core Security Service Edge (SSE)
Better connect and protect your business

Core SSE

Secure Web Cloud Access Security Zero Trust Network Firewall as a Service
Gateway Broker (CASB) and DLP Access (ZTNA) (FWaaS) and IPS
(SWG)

Cisco delivers the core and more in a single subscription…

DNS Multimode Advanced Sandbox Talos VPN as a Digital Remote

Security DLP Malware Threat Service Experience Browser
protection Intelligence Monitoring* Isolation

Add-on solutions
*Global general availability coming soon

SD-WAN XDR Duo MFA/ CSPM

SSO

© 2023 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Better for users
Facilitate frictionless workforce
experience for better productivity

© 2023 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Users experience fatigue, friction, repetition

Interne
t apps
Direct

SaaS
apps
? ZTNA
Core
private
apps
VPN Longtail/non-
standard apps

• Many connection decisions

49% 26%
• Various processes Employees Employees leaving
• Multiple steps frustrated job because of tech
• Repetitive authentication tasks with tech experience

© 2023 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Easy, frictionless user experience
1 Connect to a network 2 Get to work
Interne
t apps

SaaS
apps
Cisco Secure Access Core
private
apps

Longtail/non-
standard apps

© 2023 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Note: Supports both client and clientless ZTNA connectivity
Easier for IT
Lower costs and improve efficiencies

© 2023 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
The multi-vendor approach is problematic
Interne
t apps
CASB
SWG SaaS
RBI
apps
Separate consoles
Core
private
apps

ZTNA Sandbox Longtail/non-

standard apps
DLP

65%
Multiple products increase cost and inefficiencies of enterprises plan on
• Licenses/hardware • Reporting consolidating vendors
• Policy management • Elevated staffing levels for better risk posture
• Client management

© 2023 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Easier for IT
Converged cloud security for lower cost and improved efficiencies

Higher • Single agent, console, identity and

posture, policy management
efficiency • Digital Experience Monitoring
(DEM)*
• Single SLA

Lower • Consolidated licensing

costs • Less hardware

• Ecosystem

One place to see traffic, set policies, and analyze risk.

© 2023 Cisco and/or its affiliates. All rights reserved. Cisco Confidential *Global general availability coming soon
Digital Experience Monitoring
IT/security teams can accelerate problem identification and resolution

Monitor the health and performance of users,

applications, and network connectivity.

Optimize user productivity by automatically mining

details on the user’s end-to-end experience,
enabling the IT/security staff to rapidly resolve the
issue.

DEM* monitoring examples:

• Endpoint performance – CPU, memory, Wifi
• Network performance –endpoint to Secure
Access
• Top 20 SaaS applications performance
Dashboard visual is for illustrative purposes only
• User specific events

*Global general availability coming soon

© 2023 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Safer for
everyone
Reduce risk and improve
business resilience

© 2023 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Advanced cybersecurity benefits
Block more, investigate faster, and remediate fully

Interne
t apps
Cisco Secure Access
SaaS
apps
Direct to internet
Intelligently delivers right
Core
level of security for private
Direct to private apps
destination apps
Longtail/non-
standard apps
Continuous
security
inspection

• Deeper visibility and insights

• High analyst effectiveness
Improved • Reduced alert volume Reduction in
• Least privileged app access
security efficacy • Stronger threat correlation
• Reduced exposure
successful attacks
• Faster detection

© 2023 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Zero Trust Network Access (ZTNA) journey
Intelligent private application access from anywhere

User ZTNA
Unmatched Unmatched
simplicity migration flexibility

Cisco Secure Access

Core
ZTNA
private
Direct to private apps apps
Longtail/non-
Simple, automated, secure VPNaaS
standard apps
connection to all private
apps

Benefits •
•
App-specific access
Undiscoverable IP address
•
•
Reduced threat surface
Automated selection
•
•
Posture verification
Access segmentation
• Least privileged user access of ZTNA or VPNaaS

© 2023 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Easy migration to Zero Trust Access
✓ You set the pace of ZTNA adoption
✓ Same client
✓ Common policy Unified ZTNA
Granular controls at the
application level + VPNaaS
and Digital Experience
Monitoring
VPN as-a-Service
Lift your VPN to the cloud –
more control and easier to
manage

Traditional VPN
Network level access –
cannot control at app level

© 2023 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
© 2023 Cisco and/or its affiliates.
All rights reserved. Cisco Confidential