Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2485
Views
0
Helpful
2
Replies

Need to configure Posture check policy for VPN users

Go to solution
IshwarBamane2910
Level 1
Level 1

‎04-27-2021 12:07 PM

Hi all,

Need to configure posture check policy for VPN users.

Can I get any documents for configuration,prerequisites for configuration.

In our network we don't have ASA firewall.so can we enable posture check for VPN user on Fortigate and Palo alto firewall ??? 

Is it a best practice to enable posture check other than ASA firewall ? 

 

0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Mike.Cifelli
VIP Alumni
VIP Alumni

‎04-27-2021 03:55 PM

Can I get any documents for configuration,prerequisites for configuration.

-See the following:

https://community.cisco.com/t5/security-documents/ise-posture-prescriptive-deployment-guide/ta-p/3680273

https://www.cisco.com/c/en/us/support/docs/security/identity-services-engine/215236-ise-posture-over-anyconnect-remote-acces.html

https://www.cisco.com/c/en/us/support/docs/security/adaptive-security-appliance-asa-software/117693-configure-ASA-00.html

http://www.labminutes.com/video/sec

 

In our network we don't have ASA firewall.so can we enable posture check for VPN user on Fortigate and Palo alto firewall ??? 

-AFAIK no.  There are several Cisco proprietary related components that are utilized in the solution.

View solution in original post

0 Helpful

Go to solution
hslai
Cisco Employee
Cisco Employee

‎04-29-2021 02:59 PM

I do not think it would work.

Our teams have not tested VPN posture with 3rd-party network devices. With ASA (or FTD), ISE relies on the NADs to support CoA policy push.

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Mike.Cifelli
VIP Alumni
VIP Alumni

‎04-27-2021 03:55 PM

Can I get any documents for configuration,prerequisites for configuration.

-See the following:

https://community.cisco.com/t5/security-documents/ise-posture-prescriptive-deployment-guide/ta-p/3680273

https://www.cisco.com/c/en/us/support/docs/security/identity-services-engine/215236-ise-posture-over-anyconnect-remote-acces.html

https://www.cisco.com/c/en/us/support/docs/security/adaptive-security-appliance-asa-software/117693-configure-ASA-00.html

http://www.labminutes.com/video/sec

 

In our network we don't have ASA firewall.so can we enable posture check for VPN user on Fortigate and Palo alto firewall ??? 

-AFAIK no.  There are several Cisco proprietary related components that are utilized in the solution.

0 Helpful

Go to solution
hslai
Cisco Employee
Cisco Employee

‎04-29-2021 02:59 PM

I do not think it would work.

Our teams have not tested VPN posture with 3rd-party network devices. With ASA (or FTD), ISE relies on the NADs to support CoA policy push.

0 Helpful
Customers Also Viewed These Support Documents