Cisco
Login
Search
Activity Upgrade

Before You Begin Guidelines and Limitations

Last updated: Jul 17, 2025

Guidelines and Limitations

Umbrella Application Settings and Secure Access Policy

Umbrella Application settings and Secure Access policy are not shared between the two dashboards, therefor changes are not reflected between Secure Access and Umbrella.

An Application Setting in Umbrella with block and allow accesses are seperated into two Application Lists in Secure Access. An Application List will only have block or allow to support Access policy.

Umbrella Policies and Components in Security Profiles and Internet and SaaS Resources

Once the upgrade begins, Delete function is disabled for Umbrella policies in Secure Access until you complete Step 4 in the Upgrade Manger and close your Umbrella account. Additionally, the Umbrella policy components listed in Security Profiles and Internet and SaaS Resources cannot be deleted in Secure Access while the Upgrade Manager is active.

Security Profiles

A Cisco Secure Access Security profile is a reusable component that you can use in the rules on the Access policy. A Security profile for internet access includes security controls and other settings such as acceptable use controls that you configure as a set. For more information, see Add a Security Profile for Internet Access. Security Profiles include:

Internet and SaaS Resources

Items on Internet and SaaS Resources page are reusable components (sometimes known as "objects") that can be used as destinations when configuring internet access rules. Internet and SaaS resources include:

disabled delete button

Block Page Bypass

Block Page Bypass is not copied over. For more information on the Secure Access feature, see Notification Pages.

Custom User Roles

Custom user roles are not copied over. Secure Access has only two roles:

  • Full Admin

  • Read-Only

For more information see, Add a New Account .

Legacy Umbrella Content Categories

Legacy Umbrella Content Categories will be upgraded to their equivalents in Secure Access. For more information see Available Content Categories.

Umbrella Legacy API Keys

Legacy API keys will not transfer to Secure Access since Umbrella API was released in 2022. In Secure Access you continue to use API Keys, KeyAdmin Keys, and Static Keys. For more information see, Manage API Keys and Secure Access API Authentication.

Static Keys

In Secure Access, Static Key is found by navigating to Connect > Users, Groups > Configuration Management > Integrate Directories > IdP. For more information, see Provision Token for Identity Provider.

Selective Decryption

Umbrella's Selective Decryption is upgraded to Do Not Decrypt List in Secure Access. While the Upgrade Manager is running, you can not make changes to the Do Not Decrypt List that is linked to a policy created in Umbrella. This option is enabled once you close your Umbrella account. For more information on the Intelligent Proxy see Enable the Intelligent Proxy. See Important Information About Do Not Decrypt Liststo learn more.

Screenshot of Intelligent Proxy Settings where the Do Not Decrypt Lists drop down is disabled.
Previous topic Activate Upgrade Manager in Umbrella Next topic Prerequisites