11-08-2016 07:30 AM
Hello,
I was wondering if it is possible to do a check for installed programs on the client before allowing access. The clients would be Win7 / Win10 machines with anyconnect client, connecting to an ASA 5512. I would like to achieve the following:
1) Client starts connection
2) ASA checks if a certain program is running on the machine (e.g. an antivirus program) - if yes, allow connection, if no, deny connection
I was thinking this might be achieved through a group policy? If not, is there any other way to do this?
Solved! Go to Solution.
11-08-2016 07:58 AM
Hi,
Sure, by using AnyConnect posturing you are able to either check if an Antivirus is running, up to date, etc or check if the user has an specific file/software installed.
Refer to the following link: http://www.cisco.com/c/en/us/td/docs/security/vpn_client/anyconnect/anyconnect30/administration/guide/anyconnectadmin30/ac05hostscanposture.html
11-08-2016 07:58 AM
Hi,
Sure, by using AnyConnect posturing you are able to either check if an Antivirus is running, up to date, etc or check if the user has an specific file/software installed.
Refer to the following link: http://www.cisco.com/c/en/us/td/docs/security/vpn_client/anyconnect/anyconnect30/administration/guide/anyconnectadmin30/ac05hostscanposture.html
11-08-2016 08:13 AM
Thank you, this is exactly what I was looking for.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide