04-22-2024 03:28 PM
Hi,
Has anyone had issues where you are running FTD with AnyConnect (secureclient) with Posture (DAP) enabled and some computers are sending the attribute endpoint.am=xxx and others aren't?
I have several devices not sending the anti-malware attribute and failing the posture on the RA-VPN.
04-24-2024 11:13 AM
What anti-malware are you using? Is the version number at parity between the working and non-working devices?
04-24-2024 11:23 AM
I have a DAP policy looking for MS Defender, MS Defender ATP, SentinelOne, Cisco AMP, Cortex, VMware Carbon Black, and others.
They are all listed here https://www.cisco.com/c/en/us/td/docs/security/vpn_client/anyconnect/secure-firewall-posture/support/charts/Secure_Firewall_Posture_Support_Charts_Version_5_1_2_42.html
As I have said, the DAP log on the firewall does not show any endpoint.am attribute which is quite odd.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide