11-10-2010 01:30 AM - edited 02-21-2020 04:57 PM
Hi,
We are running an ASA 5540 on ver. 8.2.3 with AnyConnect 2.5.2001 and CSD 3.5.
I've created a DAP policy that checks for our AntiVirus version and dat file version and it works just fine. Posture Assessment on AnyConnect client when connecting takes about 5 seconds.
Now, if I enable Advanced Endpoint Assessment for our AV product, and configures it to do an automatical update in case dat files are older than 14 days, the posture assessement times increases to 30 seconds! Might not sound as much, but when sitting there waiting to be able to put in your password, 30 seconds is a long time
So it does work - it just takes a long time compared to just checking the version, and then deny logon if dat files are older than x number of days.
Has anyone else noticed this? Is it by design, or is there something we can do other than just disable Advanced EndPoint Assessment now that we've bought the license?
Thanks in advance,
Rasmus
11-16-2010 07:32 AM
Are you seeing this slow logon on multiple machines or just one? What is the exact version of CSD that you are running?
Todd
11-18-2010 01:24 AM
Multiple - all in fact.
We are running ver. 3.5.1077.
/Rasmus
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide