When an Anyconnect client 4.1.02011 tries a connection to Cisco ASA (with Host Scan 3.1.06073 installed), the McAfee VirusScan and McAfee HIPS are not detected even though they are installed on the client PC.
In order to solve the problem, client has upgraded the Host Scan version to 4.1.02011 but the Prelogin Policy pane in Secure Desktop manager menu disappeared from ASDM and all prelogin and posture checks were not performed anymore. Therefore, all Anyconnect client VPN connections are successful even though certificate, AntiVirus or HIPS are not installed in the client PC. Indeed, Dynamic Access Policies configured are not matched any more.
anyone know this issue or something might have gone wrong?
The pre-login policies seem to have been depricated due to a vulnerability in the 4.x host scan versions, Seems like this feature will be coming back but there is no estimated date yet.
hope this helps.