Not sure if this belonged in VPN discussion / Firewalling etc.. may try re-posting there if I get no bites here.
I've been working on a config to test if users connecting via SSL VPN have AV of some kind installed on their system, and if not to deny connection.
I've gone through everything I could read on DAP and CSD host scanning.. they cover the Advanced Endpoint Assessment extensions of Host Scanning, but they gloss over the basic Endpoint Assessment extension and it's configuration options.
AEA is an additional license, so I want to avoid using that if possible. It sounded like from their one liner in the documentation that regular old EA could satisfy what I need to put into a DAP (judging if a given piece of AV was present on a connecting endpoint). If you have experience with basic EA please let me know whether it can satisfy my requirements and ideally point me in the direction of some documentation/configuration examples.
(Also in case it comes up, I don't need to ENFORCE anti-virus, just check it's presence, and my understanding was that the advantages of AEA were it's ability to force av and local firewall policies - which I don't need).
Are you responsible for risk management, compliance management and auditing of a network?
If so, we’d like to speak with you to learn your current processes of enforcing compliance and managing risk to help us develop services that will ...
Once you've expanded Cisco Secure Endpoint connector deployment to about 50% of your licensed count (check out this article that shows you how to do that), it's time to put those connectors to action i.e. convert them to Protect from Audit mode for vari...
Hello! I’m Betsy, UX Researcher, on the Cisco+ Secure Connect Now team. Nice to meet you all .We have a short survey to learn about your Zero Trust Network Access (ZTNA) journey. Whether you have, plan to, or have not implemented a ...
A set of interface access rules can cause the Cisco Adaptive Security Appliance to permit or deny a designated host to access another particular host with a specific network application (service). When there is only one client, one host and one se...
How To: Cisco ISE Captive Portals with Aruba Wireless
Authors: Adam Hollifield, Brad Johnson
IntroductionPrerequisitesMinimum RequirementsComponents UsedConfigurationAruba Wireless ControllerWLAN CreationAuthentication ConfigurationRole & Policy Confi...