Err, no there ain't. However, if you use something like iPass (www.ipass.com) for your internet connection, that can check for the presence of AV and PFW's before allowing a connection to the Internet and subsequently to the 3030.
Yes definately. The VPN client (from 3.6 onwards) also actually has a firewall built into it, which you can leave turned on even if the VPN client isn't running.
Other than that, you can configure the concentrator group to require that the client has anti-virus software running before it will establish a connection. We currently support (as of 4.0) BlackIce, ZoneAlarm, ZA Pro, ZA Integrity, Sygate PFW, Sygate PFW Pro, Sygate Security Agent and Cisco Security Agent.
Check the Client FW tab under the group on the concentrator, the online help has all the info you need to configure it (you don't need to do anything on the client specifically other than have the appopriate firewall SW running).
Cisco is releasing NAC soon. (network access control) NAC will have a client app called the Trust Agent. The next hop router inside the network can make sure the end client conforms to specifications (app versions, anti-virus client, etc) before routing the traffic from that client by communicating with the Trust Agent.
I'm sure they'll probably update the VPN concentrator to interact direclty with the Trust Agent as well as it makes obvious sense to do so.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :