cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
608
Views
0
Helpful
1
Replies

AnyConnect HIP Checks

CiscoMedMed
Beginner
Beginner

I would like to characterize the machines that are currently attaching to AnyConnect. Is there any way on the ASA that I can see what OS a user is using? Or if they have AV or Malware protection? Or what model of hardware?

1 Accepted Solution

Accepted Solutions

Rob Ingram
VIP Master VIP Master
VIP Master

@CiscoMedMed the best way would be if you used ISE Posture, this will collect endpoint attributes such as OS and installed applications on a per endpoint basis and run reports.

https://community.cisco.com/t5/security-documents/ise-posture-prescriptive-deployment-guide/ta-p/3680273#toc-hId--1359647860

 

You could use ASA DAP (Dynamic Application Policies) which you scan and permit access depending on install application (i.e. AV) or OS, but I'm not aware of an obvious way to report on this (unlike if using ISE). You may be able to filter on DAP specific syslog messages and send these to a syslog server.

https://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/108000-dap-deploy-guide.html

 

 

View solution in original post

1 Reply 1

Rob Ingram
VIP Master VIP Master
VIP Master

@CiscoMedMed the best way would be if you used ISE Posture, this will collect endpoint attributes such as OS and installed applications on a per endpoint basis and run reports.

https://community.cisco.com/t5/security-documents/ise-posture-prescriptive-deployment-guide/ta-p/3680273#toc-hId--1359647860

 

You could use ASA DAP (Dynamic Application Policies) which you scan and permit access depending on install application (i.e. AV) or OS, but I'm not aware of an obvious way to report on this (unlike if using ISE). You may be able to filter on DAP specific syslog messages and send these to a syslog server.

https://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/108000-dap-deploy-guide.html

 

 

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers