Customer has deployed CWS in their network  and they  do not want the  users of their organization ever get a chance to un-install / tamper with the AnyConnect Client, The Laptops where Anyconnect Clients are  installed have Admin Rights. They are given admin rights because they are  using some applications which need admin rights. They do not have AD setup.

Is there any tamper proof solution for Cisco anyconnect mobility client so that the users cannot uninstall the mobility client from their laptops ?

Any pointers on this will be helpful.