We used to have users in various groups setup for AnyConnect, and at that time we could control which systems and services remote users could access. Once we implemented SSO with MFA with our Azure AD, we lost this ability, but we're trying to figure...