Zero Trust Platform
vs. Evolution of the VPN Agent
Cisco® Secure Client is an evolution of the VPN agent, Agilicus AnyX completely eliminates the need for a VPN.
Discover why Identity-Aware Zero Trust access beats a socket intercepting VPN Agent.
The Fundamental Difference
The choice between Agilicus AnyX and Cisco Secure Client (Formerly Cisco AnyConnect®) is a choice between a complete Zero Trust platform and a management tool for legacy VPNs. Where Cisco Secure Client uses a Zero Trust Access module for client deployments 5.1.3.62 or later, and has very specific system requirements, Agilicus AnyX provides Zero Trust Access to all your resources, without additional modules, even for legacy hardware.
Agilicus AnyX
Zero Trust platform with direct connection to shared resources via proxy through a web-browser, without requiring any clients to install, manage, update, or additional modules to implement Zero Trust.
Cisco Secure Client
Client based architecture with an additional Zero Trust Access module, which connects users to shared resources via Cisco Secure Client using socket intercept to create micro-tunnels.
Security Model Comparison
Agilicus AnyX
Proxy connection
→
On-Demand Direct connection via proxy to access shared resources
Cisco Secure Access Client
VPN Tunnel
→
Tunneled “Always on” persistent VPN connection to access shared resources
Agilicus AnyX is a standalone Zero Trust platform that utilizes an identity aware proxy, authenticating users with their existing credentials and providing direct access to the shared resource at the authorization level of the user. AnyX is a self-updating browser based platform with no clients install, manage, or update. Cisco Secure Client utilizes a Zero Trust Access module to connect to the Secure Access Client, which provides Zero Trust access to the perimeter. Socket intercept to monitor application requests, creating a micro-tunnel for the user to connect to the shared resource.
Agilicus AnyX is a complete Zero Trust Network Access platform, comprising authentication, authorization, audit, access. One of AnyX’ core features is the ability to remotely use a remote graphical environment, via both Remote Desktop Protocol, and VNC. These are available via a browser, or via a native client, and incorporate Agilicus’ trademark simple, seamless, single-sign-on via your existing identity providers, for your staff, your partners, with optional multi-factor authentication.
Why Modern Teams Choose Agilicus
Compare capabilities side-by-side.
Feature
Agilicus AnyX
Cisco Secure Access Client
Client Requirement
What does the user need to install?
None (Browser Only)
No Clients to Manage or Configure. Self Updating
Requires Cisco Secure Client
Client Software Updates Configured by Administrator
Network Model
Proxy Based
Direct connection of user to resource
Operates with outbound-only connection, eliminating the need for publicly accessible IP address
Tunnel based
Full-tunnel client
Publicly accessible IP address required for inbound/outbound traffic
On-Demand Resource Access
Portal based resource access when needed
On-Demand / Just in Time
Always-On “Intelligent VPN”
Always-On / Persistent connection
Access System Requirements
Any device with a web browser.
Windows devices require WebView2 for Zero Trust Access Module
macOS devices must be on a system that contain Apple T1 chip
iOS 17.2+
Android 14+
BYOD friendly
Yes
Identity based authorization and authentication, utilizes the web browser as the secure perimeter
No
Access includes device posture, limiting access to devices that are provisioned by the organization
Architectural Approach
Clientless architecture utilizing a proxy to share internal resources via a web browser through an outbound only connector inside your network
Uses socket intercept. Instead of redirecting your entire network, it monitors application requests at the OS level. If you try to open a specific internal app, it creates a tailored “micro-tunnel” specifically for that app.
Industrial Control Systems Support (HMI, PLC, SCADA)
Native Out of the Box Support for HMI, PLC, SCADA Industrial Control Systems
Hardware-Dependent. Often requires Cisco Industrial Ethernet switches or Cyber Vision integration.
Clientless Universal Access
Access all resources from any device with a web browser.
- Equal security across all devices accessing resources
- Enable BYOD while maintaining security
- Easy Access to all authorized resources in one tile-based web launcher
Granular Authorization
Granular authorization and permission levels on a per resource level.
- Enforce read vs write permission levels per user
- Enable specific users to perform specific tasks on a resource
- Native resource request workflow for task based permissions
Per-Resource Authentication
User authentication at a per resource level to enable granular authorization.
- Enables granular audit logs for what user on what device
- Eliminate shared passwords and team level access
- Provision / Decommission resources on a per user basis
Ready to move beyond legacy remote desktop?
Experience the security of a complete Zero Trust platform. No Clients to manage, no shared passwords to fear.