VPN - Cisco Secure Client offers various options for automatically connecting, reconnecting, or disconnecting VPN sessions. These options make it convenient for users to connect to your VPN while supporting your network security needs. An always-on intelligent VPN allows client devices to automatically select the best network access point and adapt their tunneling protocol to the most efficient method. This can include the Datagram Transport Layer Security (DTLS) protocol for latency-sensitive traffic.
VPN Management Tunnel - The management VPN tunnel provides connectivity to the corporate network whenever the client system is powered up, not just when the end user establishes a VPN connection. Endpoint OS login scripts requiring corporate network connectivity will also benefit from this feature.
Zero Trust Access module - Zero Trust Access reduces the attack surface by hiding applications, and improves your ability to know, understand, and control who and what is on your network. Beyond the traditional VPN, Zero Trust Access offers more granular control and a secure user experience for a comprehensive network solution. Unlike VPNs, which may trust any entity that passes network control, the Zero Trust Access approach does not trust any user or device until it is verified. No one is automatically trusted; once verified, users are granted limited access and are subject to continuous re-verification.
ZTNA Support - Currently supported by the Cisco Secure Access solution.
Cloud Management Module - Stand-alone Cisco Secure Client Cloud Management enables administrators to create cloud-managed deployments of Cisco Secure Client. This deployment configuration offers the option to download a lightweight bootstrapper, containing only the information the endpoint needs to connect to the cloud and receive the specified Cisco Secure Client and modules along with their associated profiles. A full installer is also available. In either case, administrators distribute the installers to the endpoints using their preferred software distribution method.
Secure Endpoint Module - Secure Client also integrates optional Secure Endpoint functions, significantly expanding endpoint threat protection. Cisco Secure Endpoint is licensed separately.
Umbrella Roaming Security module - Umbrella Roaming Security provides DNS-layer security when no VPN is active and adds an Intelligent Proxy. It automatically blocks malware, phishing, and C2 callbacks on roaming devices.
ISE Posture module - Performs endpoint posture assessment; an endpoint that fails to satisfy all mandatory requirements is deemed non-compliant. ISE Posture conducts a client-side evaluation. The client receives the posture requirement policy from the headend, gathers the necessary posture data, compares the results against the policy, and sends the assessment results back to the headend. Although ISE ultimately determines the endpoint’s compliance status, it depends on the endpoint’s own evaluation of the policy.
Secure Firewall Posture (formerly HostScan) - Secure Firewall Posture is the application that identifies the operating system, antivirus, antispyware, and other software installed on the host. Based on the result of the policy’s evaluation, you can control which hosts are allowed to create a remote access connection to the security appliance. The following posture checks are supported in Secure Firewall Posture: Hostname, IP address, MAC address, port numbers, OPSWAT version, BIOS serial number, and certificate field attributes. Note that Secure Firewall Posture is not supported on mobile devices such as Android, iOS, ChromeOS, or UWP.
Network Visibility Module - The Network Visibility Module delivers a continuous feed of high-value endpoint telemetry, which allows organizations to see endpoint and user behaviors on their networks. It collects flow data from endpoints on- and off-premises, along with valuable context such as users, applications, devices, locations, and destinations. It caches this data and sends it to the Network Visibility Module Collector when the endpoint is on a trusted network (the corporate network on-prem or through VPN).
Network Access Manager - Network Access Manager is client software exclusively for Windows that ensures a secure Layer 2 network in line with its policies. It detects and selects the optimal Layer 2 access network and performs device authentication for access to both wired and wireless networks. Network Access Manager handles user and device identity as well as the network access protocols necessary for secure access. It operates intelligently to prevent end users from making connections that violate administrator-defined policies.
ThousandEyes - The ThousandEyes Endpoint Agent is an application that gathers network and application-layer performance data when users access specific websites from within monitored networks. It enhances customers' ability to gain a comprehensive view of their application health, enabling them to make better-informed decisions and resolve issues more quickly. When ThousandEyes is installed within Secure Client, its version is displayed in the Secure Client About box upon detection. The ThousandEyes agent, as part of Cisco Secure Client, is installed using the pre-deployment method.
Advantage subscription [Formerly AnyConnect Plus] (Unique Users)
Minimum 25 users
PID: L-AC-PLS-LIC=
Available for 12 - 60 months
Supports client VPNs only
Device or system VPN (including Cisco phone VPN)
Per-application VPN
IEEE 802.1X Windows supplicant
Basic endpoint context collection
FIPS compliance

Premier subscription [Formerly AnyConnect Apex] (Unique Users)
Minimum 25 users
Available for 12 - 60 months
PID: L-AC-APX-LIC=
Everything that’s included in AnyConnect Plus
The AnyConnect Apex licenses support either client or clientless VPNs and are subscription based only.
Clientless (browser-based) VPN termination on the Cisco ASA
VPN Compliance/Posture agent in conjunction with the Cisco ASA
Unified Compliance/Posture agent in conjunction with the Cisco ISE 1.3 or later
Next Generation Encryption/Suite B
Network Visibility Module
VPN Posture (HostScan)
SAML authentication

VPN Only perpetual [AnyConnect VPN Only perpetual] (Concurrent Connections)
AnyConnect VPN Only licenses are purchased per ASA headend device for a specific number of maximum concurrent connections.
PID: L-AC-VPNO
VPN Only licenses are perpetual based, clientless, and may only be used on a single ASA.
VPN Only licenses do not support Web Security Module, Cisco Umbrella Roaming, ISE Posture, Network Visibility, or Network Access Manager.
SAML authentication
Note: Cisco Software Support Service (SWSS) must be purchased and maintained separately for all software access and technical support.
Windows 11 (64-bit), current Microsoft-supported versions of Windows 10 x86 (32-bit) and x64 (64-bit), and Windows 8
Microsoft-supported versions of Windows 11 for ARM64-based
Microsoft-supported versions of Windows 10 for ARM64-based PCs
Note: Initial Cisco Secure Client 5.0 is Windows 10/11 only. AnyConnect supports all the above.
macOS 12, 11.2, 10.15, and 10.14 (all 64-bit)
Red Hat
Ubuntu
SUSE (SLES)
Pre-deploy—New installations and upgrades are done either by the end user, or by using an enterprise Software Management System (SMS).
Web Deploy—The Cisco Secure Client package is loaded on the headend, which is either a Secure Firewall ASA, Secure Firewall Threat Defense, or an ISE server. When the user connects to a firewall or to ISE, Cisco Secure Client is deployed to the client.
XDR and Cisco Secure Client Cloud Management: Cisco Secure Client 5.0 can be deployed from the cloud using customizable deployment options.
The VPN Management Tunnel ensures connectivity to the corporate network whenever the client is powered up, and not just when a VPN connection is established by the end user. For this tunnel to be created without user interaction, certificate-based authentication is used.
This facilitates things like:
Patch management
Upgrades
Communication with Active Directory domain controllers
Group policy processing on startup
Automatic Desktop and Document folder redirection
Endpoint OS login scripts requiring corporate network connectivity will also benefit from this feature.
The Network Visibility Module (NVM) provides a continuous stream of high-value endpoint telemetry, enabling organizations to monitor endpoint and user behaviors on their networks. It gathers flow data from endpoints both on- and off-premises, along with essential context such as users, applications, devices, locations, and destinations. This data is cached and sent to the Network Visibility Module Collector when the endpoint is connected to a trusted network (either the corporate network on-premises or via VPN).
The Network Visibility Module Collector is a server that receives Internet Protocol Flow Information Export (IPFIX) data, optionally filters it, and then exports it to Cisco Secure Network Analytics Endpoint License, syslog, or collectors like Splunk for on-premises collection. The collector processes received messages that adhere to the nvzFlow protocol specification. The endpoint module sends flow information only when on a trusted network. By default, no data is collected; data is collected only when configured in the profile. If collection occurs on an untrusted network, the data is cached and sent once the endpoint connects to a trusted network.
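As an added illustration (not Cisco's collector code), the sketch below shows the structural validation a receiver of IPFIX datagrams can apply before trusting their contents, using only the generic RFC 7011 message, set and template layout. The nvzFlow element definitions are not reproduced here; the sample datagram and its enterprise-specific element ID are constructed for the example.

```python
import struct

IPFIX_VERSION = 10      # RFC 7011 message version number
TEMPLATE_SET_ID = 2     # RFC 7011 set ID reserved for template sets

def _unpack(fmt, buf, off):
    """Bounds-checked struct read; returns (values, new offset)."""
    size = struct.calcsize(fmt)
    if off + size > len(buf):
        raise ValueError("truncated IPFIX structure")
    return struct.unpack_from(fmt, buf, off), off + size

def parse_templates(body):
    """Template records -> {template_id: [(element_id, length, enterprise_no)]}."""
    out, off = {}, 0
    while len(body) - off >= 4:             # fewer than 4 bytes left is padding
        (tid, count), off = _unpack("!HH", body, off)
        fields = []
        for _ in range(count):
            (ie, flen), off = _unpack("!HH", body, off)
            pen = None
            if ie & 0x8000:                 # enterprise bit: 4-byte enterprise number follows
                (pen,), off = _unpack("!I", body, off)
            fields.append((ie & 0x7FFF, flen, pen))
        out[tid] = fields
    return out

def parse_ipfix(msg):
    """Validate one IPFIX datagram; return header fields, set list and templates."""
    (version, length, export_time, seq, domain), off = _unpack("!HHIII", msg, 0)
    if version != IPFIX_VERSION:
        raise ValueError(f"unexpected version {version}")
    if length != len(msg):
        raise ValueError("header length does not match datagram size")
    sets, templates = [], {}
    while off < length:
        (set_id, set_len), body_off = _unpack("!HH", msg, off)
        if set_len < 4 or off + set_len > length:
            raise ValueError("set length out of bounds")
        sets.append((set_id, set_len))
        if set_id == TEMPLATE_SET_ID:
            templates.update(parse_templates(msg[body_off:off + set_len]))
        off += set_len
    return {"export_time": export_time, "sequence": seq, "domain": domain,
            "sets": sets, "templates": templates}

# Constructed sample: template 256 with standard element 8 (sourceIPv4Address, 4 bytes)
# and a made-up enterprise-specific element 100 (variable length) under enterprise number 9.
_record = struct.pack("!HHHHHHI", 256, 2, 8, 4, 0x8000 | 100, 65535, 9)
SAMPLE = struct.pack("!HHIII", 10, 36, 1700000000, 1, 7) + struct.pack("!HH", 2, 20) + _record
```

A datagram that raises `ValueError` here should be dropped and counted rather than passed on to filtering or export.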
NVM is a core component of Cisco XDR. By installing the XDR Default Deployment on your endpoints, you can send telemetry directly to Cisco XDR without the need for an on-premises collector. Cisco XDR uses this data to create new detections, correlate multiple events into a single incident, and fill visibility gaps in your network.