cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1896
Views
0
Helpful
2
Replies

Advanced Endpoint Assessment prolongs AnyConnect logon time

rate
Level 1
Level 1

Hi,

We are running an ASA 5540 on ver. 8.2.3 with AnyConnect 2.5.2001 and CSD 3.5.

I've created a DAP policy that checks for our AntiVirus version and dat file version and it works just fine. Posture Assessment on AnyConnect client when connecting takes about 5 seconds.

Now, if I enable Advanced Endpoint Assessment for our AV product, and configures it to do an automatical update in case dat files are older than 14 days, the posture assessement times increases to 30 seconds! Might not sound as much, but when sitting there waiting to be able to put in your password, 30 seconds is a long time

So it does work - it just takes a long time compared to just checking the version, and then deny logon if dat files are older than x number of days.

Has anyone else noticed this? Is it by design, or is there something we can do other than just disable Advanced EndPoint Assessment now that we've bought the license?

Thanks in advance,

Rasmus

2 Replies 2

Todd Pula
Level 7
Level 7

Are you seeing this slow logon on multiple machines or just one?  What is the exact version of CSD that you are running?

Todd

Multiple - all in fact.

We are running ver. 3.5.1077.

/Rasmus