Turning a necessary migration into a meaningful security upgrade
Cisco Umbrella has been a staple of cloud-delivered security for years. For many organisations, it quietly sits in the background, providing DNS-layer protection without much day-to-day attention.
That’s about to change.
With Cisco Umbrella reaching end of software maintenance in September 2026, followed by full end of support in 2030, organisations now face a clear decision point. Not just when to migrate, but how.
Because this is not just a product change. It is an opportunity to rethink how users access applications, how security policies are applied, and how modern network access should actually work.
What’s actually changing
The timelines are important, but the implications matter more.
- No further software maintenance after September 2026 means no new features, no updates, and growing exposure to emerging threats
- End of support in 2030 effectively marks the point where running Umbrella becomes a risk, not just a legacy choice
- End of sale and renewal has already passed, limiting flexibility and long-term planning
This puts organisations on a defined path. Staying where you are is not a viable option, and delaying action only compresses the timeline later.
Why this isn’t just a migration
The default reaction is often to replace like for like. Move policies, replicate configurations, and keep everything running as it is.
That approach misses the point.
Cisco Secure Access is not simply a successor to Umbrella. It reflects a shift in how secure connectivity is delivered:
- Moving beyond DNS-layer controls into a broader, unified approach to securing access
- Enabling consistent access to applications regardless of location, device, or network
- Reducing reliance on traditional VPN models in favour of more granular, identity-led access
For many organisations, Umbrella was one part of a wider security stack. Secure Access brings those pieces closer together, creating an opportunity to simplify, standardise and modernise.
The risk of treating this as admin
Where migrations often go wrong is in treating them as a technical exercise rather than a strategic one.
Common pitfalls include:
- Lifting existing policies without reviewing whether they still make sense
- Recreating legacy access models that introduce friction for users
- Failing to align network access with broader Zero Trust ambitions
- Missing the chance to consolidate overlapping tools and controls
The result is typically a new platform delivering the same experience, the same complexity, and the same limitations.
What good looks like
Organisations that get this right tend to approach the migration differently.
Instead of asking “how do we move”, they start with “what should access look like going forward?”
That usually includes:
Phased adoption rather than big-bang migration Starting with defined user groups or services and scaling over time
Policy refinement, not just replication Using the transition as a chance to simplify, standardise and remove outdated rules
A shift away from network-centric access Reducing reliance on VPN-style access models where they are no longer needed
Clear decisions on where different access methods still make sense Whether that’s maintaining certain legacy approaches, or evolving towards Zero Trust Network Access
A longer-term roadmap Ensuring the migration supports broader priorities such as hybrid working, application modernisation and security convergence
A moment worth using properly
Most organisations will have to move away from Umbrella in the next few years. That part is inevitable. What varies is the outcome.
Some will treat it as a necessary task and aim to complete it as quickly as possible. Others will use the moment to address long-standing challenges around access, complexity and user experience.
The difference between those two approaches is significant.
If you are already starting to think about your move from Umbrella, it is worth stepping back and asking a simple question:
Are we just moving, or are we improving?
Speak to our experts
If Umbrella is part of your environment, now is the right time to look beyond the migration itself.
A short conversation can often highlight where there is an opportunity to simplify access, improve user experience and strengthen security outcomes.