cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3985
Views
40
Helpful
13
Replies

Secure Endpoint overtaking Cisco Anyconnect

curyn
Level 1
Level 1

Cisco has chosen to once again change the graphic icon for Secure Endpoint in the latest version (8.0). The new icon looks similar to Anyconnect but with different colors. They also made the GUI look exactly like Anyconnect's GUI. If those two things weren't enough to cause confusion, the latest version also transforms the Anyconnect shortcut in the Start Menu into a Secure Endpoint shortcut. So when you click on Anyconnect in the Start Menu, Secure Endpoint opens instead which now looks the same as Anyconnect! This is on a level of intentional sabotage. You can't make this stuff up!

13 Replies 13

They've been talking about consolidating their clients for many years.
The announced it at CiscoLive 2022... I think it was even in a key note....


[cid:image001.png@01D8A332.0BCE9590]

They are still two different applications, they just made them look the same, and the shortcut for Anyconnect opens the wrong application.

Jon333
Level 1
Level 1

Opening the AnyConnect client from the task tray seemed to correct running the client from the search bar and recreating the shortcut now opens the AnyConnect client instead of the Secure Endpoint.  

Hernan69
Level 1
Level 1

Same here, honestly....lets hope a workaround is in place soon. 

Troja007
Cisco Employee
Cisco Employee

Hello @curyn ,
Cisco Secure Client is not just changing an Icon. Cisco Secure Client is the new approach bringing separated Cisco Endpoint products more and more into a single endpoint product. If you know AnyConnect, there is no change for you, even using Secure Client. 

Secure Endpoint Module for Secure Client
Secure Endpoint is running as a module within Secure Client. After the installation, it registers to the Secure Endpoint cloud as usual. No change from the operating side for Secure Endpoint.TME-SecureEndpoint- Global TRP v1.2 2022-xx.png

AnyConnect (Secure Client)
The same here, you can operate is usual, no change needed. If using Secure Client, SecureX insight includes, the so called, package manager, where you can configure your profiles and the software package. Afterwards you can use the Network Installer or Full Installer to install Secure Client. All configured modules will then be installed, based on your configuration.
TME-SecureEndpoint- Global TRP v1.2 2022-xx_2.png

Hopefully this info makes it more clear for you. For any technical issue, you may check with TAC.There will be many different sessions available in the future to hear and learn more about Secure Client.
Greetings, Thorsten

Roman Valenta
Cisco Employee
Cisco Employee

This was discovered first on Friday.


During deployment of Secure Endpoint 8.0.1 through AMP Cloud policy sync, users with installed version of AnyConnect other than 5.x will face a issue with starting AnyConnect VPN through Windows Start Menu as both shortcuts will default to same UI. In this case both shortcuts will open the Secure Client UI.

Current Workaround:

You can still open the AnyConnect via toolbar from the right corner menu by right click "Open AnyConnect" also if you do that, from that moment both shortcuts in Start Menu will open AnyConnect UI if you do the same and open Secure Endpoint UI the same way you will revert back both shortcuts to be able open only Secure Endpoint UI.


Screenshot_2001.png

The other suggested possible approach is to upgrade Any Connect to version 5.x so there is only one single UI. For this approach is suggested to test this first on small group of endpoints before mass deployment. The outcome will looks like this.

pic.png

External BUG will be available soon, will update once that is ready.

Roman Valenta
Cisco Employee
Cisco Employee

Quick update on this:

Bug ID currently in process of externalization: CSCwc59031

External Facing Document:

Broken Shortcut Links in Start Menu after Secure Client(Secure Endpoint) Update to 8.0.X Running with AnyConnect 4.X.X on Windows

https://www.cisco.com/c/en/us/support/docs/security/secure-endpoint/218014-broken-shortcut-links-in-start-menu-afte.html

Roman Valenta
Cisco Employee
Cisco Employee

Latest news on this is that we identified the issue and working on the patch. There will be most likely new release 8.0.1 connector with the patch available very soon. I don’t want to set this in stones but expecting something with in few days and as early as beginning of next week.

Roman Valenta
Cisco Employee
Cisco Employee

Looks like last update to this thread.

We are planning to release Cisco Secure Endpoint Windows Connector 8.0.1.21164 today (Aug 5th) to the production environments at roughly these times.

APJC    - 12:00 MDT (18:00 UTC)

EU        - 13:00 MDT (19:00 UTC)

NAM    - 14:00 MDT (20:00 UTC)

Cisco Secure Endpoint Windows Connector 8.0.1.21164 Release Notes

 

Bugfixes/Enhancements

 

  • Addressed an issue where older versions of the AnyConnect (4.10 and earlier) start menu shortcut would launch the connector instead.

Roman Valenta
Cisco Employee
Cisco Employee

This issue is now fixed in SE 8.0.1.21164 which is now available in all clouds. Tested in my lab and confirmed.

If the issue is now fixed, why do I get this when trying (and failing) to run the Secure Client (8.0.1.21164) on a newly upgraded server with no history of AnyConnect ever having been installed?? (And yes, I have a TAC case open):

Function: wWinMain
File: C:\drone\src\GUI\Windows\GUI.cpp
Line: 182
AnyConnect GUI is already running, showing existing instance

....along with several other messages about AnyConnect...

This bug and the new release was only targeting issue seen on systems with previously installed AnyConnect prior version 5.0. The issue described in the bug and the document are specifically referring to issue with broken shortcut links in the START menu.

 

What you describing is something else. Looks like your issue is that you don't see the GUI portion on your Server machine? Can you verify that you are the ONLY  logged-in user on that server? If not would you mind close out all the users that are currently logged-in and try start the secure client again?  Also assuming that the upgrade from 7.5.3 was done via policy change in the AMP portal.

 

The other issue could be that the installation was corrupted, but with out diagnostic bundle it's hard to say what could happened. You can still try to run diagnostic bundle by navigating in to C:\Program Files\Cisco\AMP\8.0.1.21164 and run ipsupporttool.exe manually with "right click" Administrator. Since you have already open a case upload the log to the case notes.


Lastly as far for this log...

Function: wWinMain
File: C:\drone\src\GUI\Windows\GUI.cpp
Line: 182
AnyConnect GUI is already running, showing existing instance

....along with several other messages about AnyConnect...

 

Seeing AnyConnect referenced in the log above is most likely expected since the new Secure Endpoint UI which is called Secure Client is based of former AnyConnect UI. It doesn't mean that AnyConnect VPN client is installed on the system it's just that they share some of the drivers.

I was also able to look up that hostname for this machine in your picture and I can see that it communicates with the AMP cloud so that part seem to be working just fine.

Yup, that's the 1st thing I check when trying to use Cisco A/V is that I am the only user on the server. (Learned that one a while ago!) And yes, the install was done via Groups & Policy applied to only that group.

I'll try to run the ipsupporttool and upload logs.