VPN Solution Requrement -HHT (Intermac CN3 & CN50) with MAC Checker Security

arumugasamy · ‎01-13-2010

We are using GPRS supported Handheld Terminals which connects to our ERP application through VPN .
At present they are connecting to our Cisco ASA 5520 using Remote Access VPN with username authentication.
We require a second level of Security which can check the MAC address or other criteria so that only authorized device can access through VPN.
Kindly provide us a VPN solution with necessary costing which can provide two level of security Authentications and should support HHT’s,Laptops & Desktops.

Thanks

hdashnau · ‎01-13-2010

You should consider using Dynamic Access Policies with CSD. You can use this to check for a registry setting, file, certificate, AV, FW, AS etc before allowing the computer to connect. The DAP check is done at the same time you enter your username and password. You can read more about DAP and how to deploy it here:

http://www.cisco.com/en/US/products/ps6120/products_white_paper09186a00809fcf38.shtml

DAP only has limited functionality with the traditional IPSec client, but has full functionality with the AnyConnect SSL vpn. The ASA comes with a default of 2 free licenses for testing. If you need additional licenses, you can purchase them by emailing licensing@cisco.com or contacting your account team or reseller. The licenses come in two forms (essential and full) -- you would need the full license to be able to do DAP as it is not supported with the essentials license.