We are currently using Cisco Anyconnect ver 3.0.3050 with SEP11. Some users are getting a Port Scan Attack message from SEP11. Never saw this when using our previous Nortel VPN client. Has anyone seen this before?
Try adding an Application exception to your SEP policy.
Creating Centralized Exceptions Policies in the Symantec Endpoint Protection Manager 11
Thanks Tom. I assume the exception should be for the service Anyconnect uses?
C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
That path should work as the exception rule. If not, you might want to engage our support team for further assistance. BTW, I will no longer be at Symantec after this day.