The RADIUS + Change of Authorization (CoA) feature support in FTD 6.4 includes using ISE (as a RADIUS server) to assess posture and then send a CoA to FTD as a result of the posture assessment.
See @hslai 's posting here:
Is that also true for the support for AnyConnect ISE posture in Firepower 6.4? The release notes for 6.3 and 6.4 doesn't state this explicitly, and the config guides for 6.3 and 6.4 are identical on support for ise posture
The only supported VPN client is the Cisco AnyConnect Secure Mobility Client. No other clients or native VPNs are supported. Clientless VPN is not supported for VPN connectivity; it is only used to deploy the AnyConnect client using a web browser.
The following AnyConnect features are not supported when connecting to an FTD secure gateway:
When doing posture, the assessment is done between the client and ise over anyconnect.
Between ftd and ise, you need coa, communication with ise and url redirect. The first 2 I'm sure these are working fine but for the last one (url redirect), not tested yet and not sure if that works.
Maybe @marvin has tested this last capability.