https://community.cisco.com/t5/network-security/asa-host-scan/m-p/1542923#M615283 <HTML><HEAD></HEAD><BODY><P>Host Scan is only going to check the end point to ensure that the correct anti virus, anti spyware and personal firewall is enabled with the correct version and update. It will not be in any way the replacement for CSA where it is a host IPS.</P><P></P><P>Unfortunately there is no direct replacement for CSA within Cisco Security portfolio.</P><P>Here is the EOL notification for CSA which has referenced to that:</P><P><A class="jive-link-external-small" href="http://www.cisco.com/en/US/prod/collateral/vpndevc/ps5739/ps2330/end_of_life_c51-602579.html">http://www.cisco.com/en/US/prod/collateral/vpndevc/ps5739/ps2330/end_of_life_c51-602579.html</A></P><P></P><P>You might want to discuss this further with your Cisco AM.</P><P></P><P>Hope that helps.</P></BODY></HTML> Fri, 10 Dec 2010 23:49:41 GMT Jennifer Halim 2010-12-10T23:49:41Z https://community.cisco.com/t5/network-security/asa-host-scan/m-p/1542922#M615282 <P>Hello,</P><P></P><P></P><P>I've recently installed an ASA5520 running 8.2.3.</P><P></P><P>The customer requires VPN Client and Clientless end point threat assessment.</P><P></P><P>I understand there is a license needed to enable end point assessment but would I also need a NAC appliance or does the ASA provide some basic end point checks.</P><P>I know that CSD does a very limited check, but it does not look for malware, Trojans, patches and anti-virus software levels etc</P><P></P><P>When I look at the Host Scan configuration on the ASDM is comes up with a box saying "Host Scan only available in Version 8.4 or later"</P><P></P><P>Cisco have ended the CSA and not replaced it, that would have been a good solution.</P><P></P><P>Any info on Host Scan or whether I need a separate NAC bundle would most appreciated</P><P></P><P>Regards Tony </P> Mon, 11 Mar 2019 19:20:36 GMT https://community.cisco.com/t5/network-security/asa-host-scan/m-p/1542922#M615282 tholmes 2019-03-11T19:20:36Z https://community.cisco.com/t5/network-security/asa-host-scan/m-p/1542923#M615283 <HTML><HEAD></HEAD><BODY><P>Host Scan is only going to check the end point to ensure that the correct anti virus, anti spyware and personal firewall is enabled with the correct version and update. It will not be in any way the replacement for CSA where it is a host IPS.</P><P></P><P>Unfortunately there is no direct replacement for CSA within Cisco Security portfolio.</P><P>Here is the EOL notification for CSA which has referenced to that:</P><P><A class="jive-link-external-small" href="http://www.cisco.com/en/US/prod/collateral/vpndevc/ps5739/ps2330/end_of_life_c51-602579.html">http://www.cisco.com/en/US/prod/collateral/vpndevc/ps5739/ps2330/end_of_life_c51-602579.html</A></P><P></P><P>You might want to discuss this further with your Cisco AM.</P><P></P><P>Hope that helps.</P></BODY></HTML> Fri, 10 Dec 2010 23:49:41 GMT https://community.cisco.com/t5/network-security/asa-host-scan/m-p/1542923#M615283 Jennifer Halim 2010-12-10T23:49:41Z https://community.cisco.com/t5/network-security/asa-host-scan/m-p/1542924#M615284 <HTML><HEAD></HEAD><BODY><P>Hi Jennifer,</P><P></P><P></P><P>Thanks for the reply, If Host Scan can do even limited end point assessment then that is very useful, considering the cost of a NAC appliance.</P><P>I'll check&nbsp; into the reference to 8.4 with Cisco</P><P></P><P>Cheers Tony</P></BODY></HTML> Sun, 12 Dec 2010 16:38:01 GMT https://community.cisco.com/t5/network-security/asa-host-scan/m-p/1542924#M615284 tholmes 2010-12-12T16:38:01Z https://community.cisco.com/t5/network-security/asa-host-scan/m-p/1542925#M615285 <HTML><HEAD></HEAD><BODY><P>Host Scan can only check the end point to ensure that the&nbsp; correct anti virus, anti spyware and personal firewall is enabled with&nbsp; the correct version and update, ensuring that the end point is protected. It will not actually scan or provide malware scanning to the end hosts.</P><P>For malware and anti spyware scanning and URL filtering, you would need to use Ironport appliance or ScanSafe cloud solution.</P></BODY></HTML> Sun, 12 Dec 2010 22:34:26 GMT https://community.cisco.com/t5/network-security/asa-host-scan/m-p/1542925#M615285 Jennifer Halim 2010-12-12T22:34:26Z https://community.cisco.com/t5/network-security/asa-host-scan/m-p/1542926#M615286 <HTML><HEAD></HEAD><BODY><P>Hi Jennifer,</P><P></P><P></P><P>Thanks for your response, I'll certainly look into this</P><P></P><P>Regards Tony</P></BODY></HTML> Mon, 13 Dec 2010 10:33:32 GMT https://community.cisco.com/t5/network-security/asa-host-scan/m-p/1542926#M615286 tholmes 2010-12-13T10:33:32Z