Skip to main content

 

Cisco Meraki Documentation

Cisco Secure Connect - Client-based ZTNA Enablement for Existing Customers

Overview

Please note the following:

  1. All Secure Connect Complete customers who provisioned their account on 2024-08-01 or later will automatically be enabled with client-based ZTNA.
  2. All Secure Connect Complete customers who provisioned their account before 2024-08-01 can enable Client-based ZTNA starting on 2024-08-26 by contacting Secure Connect support. (If you do not have the "client-based" access method slider on the Resource & Applications edit page, your org is NOT enabled for client-based ZTNA. )

Cisco Secure Connect is pleased to announce the general availability of Client-based ZTNA. If you have reached this page, then your Secure Connect subscription is ready for an upgrade to support Client-based ZTNA. The early phases of enablement of Client-based ZTNA will be customer-initiated, support executed, and there will be some minor configuration loss. This page will focus on enabling the feature and does not replace the documentation for client-based ZTNA.

Client-based ZTNA Feature Entitlement 

Secure Connect has several Packages and the following details entitlement for client-based ZTNA. 

Package Entitled? 
Cisco Secure Connect Foundation Essentials  No
Cisco Secure Connect Foundation Advantage  No
Cisco Secure Connect Complete Essentials  Yes
Cisco Secure Connect Complete Advantage Yes

Pre Enablement Work

Before enabling Client-based ZTNA, it's important to understand the impact of your Secure Connect subscription. 

What will be Migrated

  • Private Applications
  • Browser-based Access policy will migrate to Zero Trust Access Policy (Posture profiles will be dropped)
  • Cloud-based firewall policy for private applications

What will NOT be Migrated

  • Browser-based posture profiles
  • ICMP apps

Cisco recommendations

  • Document all Private applications, Zero Trust policies, Cloud firewall private rules & posture profiles
  • Selecting a time for the upgrade that is off-peak utilization of the service

Step to enable

Once you have reviewed the steps for enablement and understand everything, open a support ticket to start the upgrade process.

  1. Open up case with subject "Client-based ZTNA enablement". Include any additional questions you have as well as your selected time for upgrade. 
  2. Support will work with the customer to enable. 
  3. After enablement is complete, testing should be performed to ensure migrated applications and policies still operating as expected

Post Enablement

After enablement, Client-based ZTNA will be available as another connection method to private applications. For full details on how Client-based ZTNA works, refer to the product documentation

     

    • Was this article helpful?