With regard to your requirements:
- Track each user by PC Name or IP Address:
For both onsite and mobile users, Anyconnect Roaming client or Umbrella ERC module would be the best. Both of them give you an extra layer of protection - IP layer enforcement to protect direct IP communication. With AnyConnect you'll be able to utilize SWG feature as well in future (full proxy mode, HTTP/HTTPS requests control and visibility)
Another option for onsite users would be Umbrella VM which gives you the internal IP address visibility, for PC name visibility AD integration is required.
- Ensure mobile / laptop / tablet protected even when they travel
Anyconnect Roaming client or Umbrella ERC for sure your choice.
- Ensure users cannot disable roaming clients
For Umbrella ERC it is possible with limiting users right in Windows. For AnyConnect Roaming client lockdown feature is available during deployment - https://www.cisco.com/c/en/us/td/docs/security/vpn_client/anyconnect/anyconnect43/administration/guide/b_AnyConnect_Administrator_Guide_4-3/deploy-anyconnect.html#ID-1425-000002b3
- Deep scan of URL if possible
With AnyConnect will be possible soon
- IPS / Antivirus
All traffic passing through Umbrella cloud is scanned/inspected by multiple security engines like AV/Malware protection/etc.
Let me know if you have further questions. If you find the reply helpful please mark it accordingly.