{"pageModel":{"attributes":{"id":"","name":"121274.dita","viewName":"DitaDetail"},"elements":{"ditaContent":{"name":"DITAContent","value":"<article id=\"quickstart--bring-your-own-device-with-zero-trust\" class=\"topic task\">\r\n<h1 class=\"title topictitle1\">Quickstart – Bring Your Own Device with Zero Trust</h1>\r\n<div class=\"body taskbody\">\r\n<section class=\"section context\">\r\n<p class=\"p\">Cisco Secure Access Zero Trust Access can connect unmanaged devices securely to private resources\r\n            in on-premises data centers managed by your organization and in private and public clouds. Secure Access ZT provides visibility into user and device identities, supports network connectivity, and manages the security posture of unmanaged devices.</p>\r\n<p class=\"p\">Bring your own devices (BYODs) are devices that are not managed by your organization, but are devices\r\n            that are permitted by your organization to connect to certain private resources. An administrator shares\r\n            an organization's private resource URL to the user of a BYOD device. An administrator must include the BYOD\r\n            device in the Secure Access ZT endpoint posture profile and users of the devices are members of the organization.\r\n          </p>\r\n<p class=\"p\">The procedure to start onboarding unmanaged devices with Secure Access Zero Trust in an organization\r\n            should take no more than ten minutes.\r\n          </p>\r\n</section>\r\n<div class=\"section prereq p\">\r\n<div class=\"tasklabel\">\r\n<h1 font-weight=\"bold\" class=\"sectiontitle tasklabel cB_Bold\">Before you begin</h1>\r\n</div>\r\n<ul class=\"ul\">\r\n<li class=\"li\">Full Admin user role. For more information, see  <a data-scope=\"local\" target=\"\" href=\"docs/csa/olh/118836.dita\" title=\"\">Manage Accounts</a>.</li>\r\n</ul>\r\n</div>\r\n<div>\r\n<h3>\r\n<h3 font-weight=\"bold\" class=\"sectiontitle tasklabel cB_Bold\">Procedure</h3>\r\n</h3>\r\n</div>\r\n<table class=\"stepTable\" border=\"0\">\r\n<tbody>\r\n<tr class=\"li step\">\r\n<td align=\"center\" valign=\"middle\" class=\"ordered-number\">1</td>\r\n<td align=\"left\" valign=\"top\" border=\"0\">\r\n<p class=\"ph cmd\">Deploy network connectors in Secure Access.</p>\r\n<div class=\"itemgroup info\">\r\n<ul class=\"ul\">\r\n<li class=\"li\">Deploy connector groups in Secure Access. For more information, see  <a data-scope=\"local\" target=\"\" href=\"docs/csa/olh/118906.dita\" title=\"\">Manage Resource Connectors and Connector Groups</a>.</li>\r\n<li class=\"li\">Deploy network tunnel groups in Secure Access. For more information, see  <a data-scope=\"local\" target=\"\" href=\"docs/csa/olh/118900.dita\" title=\"\">Manage Network Tunnel Groups</a>.</li>\r\n<li class=\"li\">Configure a network tunnel on a network device from within your data center or public network. For more information, see  <a data-scope=\"local\" target=\"\" href=\"docs/csa/olh/120419.dita\" title=\"Prerequisites, requirements, and reference information for establishing an IPsec IKEv2 tunnel from a supported network device to a Cisco Secure Access data center.\">Device Compatibility and Network Tunnels</a>.</li>\r\n</ul>\r\n</div>\r\n</td>\r\n</tr>\r\n<tr class=\"li step\">\r\n<td align=\"center\" valign=\"middle\" class=\"ordered-number\">2</td>\r\n<td align=\"left\" valign=\"top\" border=\"0\">\r\n<p class=\"ph cmd\">Provision users and groups in Secure Access. For more information, see  <a data-scope=\"local\" target=\"\" href=\"docs/csa/olh/118913.dita\" title=\"\">Manage Users and Groups</a>.</p>\r\n</td>\r\n</tr>\r\n<tr class=\"li step\">\r\n<td align=\"center\" valign=\"middle\" class=\"ordered-number\">3</td>\r\n<td align=\"left\" valign=\"top\" border=\"0\">\r\n<p class=\"ph cmd\">Configure SAML integrations with identity providers (IdPs). For more information, see  <a data-scope=\"local\" target=\"\" href=\"docs/csa/olh/118760.dita\" title=\"\">Configure Integrations with SAML Identity Providers</a>.</p>\r\n</td>\r\n</tr>\r\n<tr class=\"li step\">\r\n<td align=\"center\" valign=\"middle\" class=\"ordered-number\">4</td>\r\n<td align=\"left\" valign=\"top\" border=\"0\">\r\n<p class=\"ph cmd\">Create Zero Trust (ZT) posture profiles for the user devices in the organization. For more information, see  <a data-scope=\"local\" target=\"\" href=\"docs/csa/olh/118919.dita\" title=\"\">Manage Zero Trust Access Posture Profile</a>.</p>\r\n</td>\r\n</tr>\r\n<tr class=\"li step\">\r\n<td align=\"center\" valign=\"middle\" class=\"ordered-number\">5</td>\r\n<td align=\"left\" valign=\"top\" border=\"0\">\r\n<p class=\"ph cmd\">Provide Secure Access private resource URLs to users on unmanaged devices.</p>\r\n</td>\r\n</tr>\r\n<tr class=\"li step\">\r\n<td align=\"center\" valign=\"middle\" class=\"ordered-number\">6</td>\r\n<td align=\"left\" valign=\"top\" border=\"0\">\r\n<p class=\"ph cmd\">Create a policy rule or add an ZT posture profile to an existing Secure Access rule. For more information, see  <a data-scope=\"local\" target=\"\" href=\"docs/csa/olh/118910.dita\" title=\"\">Manage the Access Policy</a>.</p>\r\n</td>\r\n</tr>\r\n</tbody>\r\n</table>\r\n<section class=\"section postreq\">\r\n<div class=\"tasklabel\">\r\n<h1 font-weight=\"bold\" class=\"sectiontitle tasklabel cB_Bold\">What to do next</h1>\r\n</div>\r\n<ul class=\"ul\">\r\n<li class=\"li\">Check that you can reach private resources protected by Secure Access.</li>\r\n</ul>\r\n</section>\r\n</div>\r\n</article>\r\n","ditaVal":"","format":"html"},"bookTitle":{"value":""},"shortDescription":{"value":""}}},"parameters":{"appId":"SecureAccess","topicAlias":"quickstart-browser-with-zero-trust"}}