topic Re: Does profiling function available for SSL VPN of ASA with ISE/AD integration? in Network Access Control

Does profiling function available for SSL VPN of ASA with ISE/AD integration?

ckli — Wed, 31 Oct 2018 07:28:39 GMT

Hi experts，

If we sell ASA/FTD to the customer as the ssl vpn gateway with ISE/AD integration, the profiling function is working or not? Can we see what device the remote user use?

Re: Does profiling function available for SSL VPN of ASA with ISE/AD integration?

ognyan.totev — Wed, 31 Oct 2018 07:33:54 GMT

I think yes but i never tested it ? I think it will profiled by AD probe.

Re: Does profiling function available for SSL VPN of ASA with ISE/AD integration?

hslai — Thu, 01 Nov 2018 01:56:55 GMT

For Windows and macOS desktop OS clients with recent AnyConnect VPN module and ASA code, ASA sends MAC addresses to ISE to create/update endpoints for profiling. For mobile OS, such as Apple iOS, it depends on whether EMM configuration meeting what stated in AnyConnect Apple iOS - Transition to Apple's latest VPN framework (NetworkExtension).