08-06-2013 01:50 PM
I have a Cisco ASA 5515, running 9.0(2) and device manager version 7.1(2). What I am trying to accomplish is to examine SSL/AnyConnect client requests, check to see if they are from a company PC and allow them access if the are. If they are not, I would like to check for AV/Spyware/Firewall and start them/update them if the need it, or deny access if they are missing, will not start or will not update. It seems to me that I need to implement a combination of features to accomplish this. The problem I am having is understanding which pieces of which I actually need. My ASA is licensed for AnyConnect Premium and Advanced Endpoint Assessment, so I think I have everything I need except the brain power to untangle this.
Any help, such as good examples to follow would be much appreciated!
Solved! Go to Solution.
08-06-2013 04:08 PM
Yes, the AnyConnect Premium plus AEA license using CSD should cover what you need.
Have you had a look at this whitepaper on configuring Dynamic Access Policies? I believe it covers everything you're wanting to do and then some.
08-06-2013 04:08 PM
Yes, the AnyConnect Premium plus AEA license using CSD should cover what you need.
Have you had a look at this whitepaper on configuring Dynamic Access Policies? I believe it covers everything you're wanting to do and then some.
08-07-2013 05:51 AM
Marvin, this is excellent! Not sure why I was never able to find it before, but thanks!
08-07-2013 05:59 AM
You're welcome. Glad it helped.
Thanks for the rating - that one broke me into the VPN Leaderboard.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: