Quickstart – Bring Your Own Device with Zero Trust

Cisco Secure Access Zero Trust Access can connect unmanaged devices securely to private resources in on-premises data centers managed by your organization and in private and public clouds. Secure Access ZT provides visibility into user and device identities, supports network connectivity, and manages the security posture of unmanaged devices.

Bring your own devices (BYODs) are devices that are not managed by your organization, but are devices that are permitted by your organization to connect to certain private resources. An administrator shares an organization's private resource URL to the user of a BYOD device. An administrator must include the BYOD device in the Secure Access ZT endpoint posture profile and users of the devices are members of the organization.

The procedure to start onboarding unmanaged devices with Secure Access Zero Trust in an organization should take no more than ten minutes.

Table of Contents



  1. Deploy network connectors in Secure Access.
  2. Provision users and groups in Secure Access. For more information, see Manage Users and Groups.
  3. Configure SAML integrations with identity providers (IdPs). For more information, see Configure Integrations with SAML Identity Providers.
  4. Create Zero Trust (ZT) posture profiles for the user devices in the organization. For more information, see Manage Zero Trust Access Posture Profile.
  5. Provide Secure Access private resource URLs to users on unmanaged devices.
  6. Create a policy rule or add an ZT posture profile to an existing Secure Access rule. For more information, see Add Access Rules.

Test Your Connectivity

  • Check that you can reach private resources protected by Secure Access.

Quickstart – Browser and SAML Authentication < Quickstart – Bring Your Own Device with Zero Trust > Limitations and Range Limits