I have an ASA 5515-x running 9.03, and have AnyConnect clients running version 3.1.04063. I am licensed for Advanced Endpoint Assessment and CSD. The issue I am having is that when a client connects using TrendMicro AV, and the Trend service is stopped, the Endpoint Assessment recognizes this and attempts to start it (which is good!), but it fails to start with the following warning logged:
You should be able to do this using DAP (Dynamic Access Policies) on the ASA, i.e. create a DAP rule that denies the connection if endpoint.av["TrendMicroAV"].activescan has a value of false, and a default rule that allows all other connections.
Show Name: Thoughts on Security at Cisco Live US 2018 in Orlando
Contributors: Kevin Klous, David White Jr., Aaron Woland, Jeff Fanelli
Posting Date: June 2018
Description: The team goes on-site in the Cisco Live Speaker room in...
RADIUS and Symantec VIP.
I will use screenshots of ASDM, and at the end I will add the required CLI commands. The diagram below shows the steps the FW goes through when using 2FA authentication:
As you can see in Fig. 1...