Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
250
Views
0
Helpful
1
Replies

Cisco ASA DAP Endpoint AV and Firewall

JZegers06
Level 4
Level 4

‎12-05-2023 12:24 PM

I am trying to use DAP to evaluate that the endpoint have ANY AV and ANY firewall enabled.  I have two separate functions that i believe i need to combine into a single LUA function so that i can use a single DAP record as both criteria must be hit.  These are the individual functions that i have confirmed work.  How can i merge these together?

 

LUA FIREWALL DAP:

assert(function()
for k,v in pairs(endpoint.pfw) do
if (EVAL(v.enabled, "EQ", "ok", "string")) then
return true
end
end
return false
end)()





LUA AV DAP:

assert(function()
for k,v in pairs(endpoint.am) do
if(EVAL(v.activescan, "EQ", "ok", "string")and EVAL (v.lastupdate, "LT", "2592000", "integer"))
then
return true
end
end
return false
end)()

0 Helpful
1 Reply 1

JZegers06
Level 4
Level 4

‎12-05-2023 01:17 PM

FYI i was able to find a way to do this.  I used these functions in individual DAP entries to solve my problem:

 

assert(function()
for k,v in pairs(endpoint.pfw) do
if (EVAL(v.enabled, "EQ", "ok", "string"))
then
return false
end
end
return CheckAndMsg(true, "Please enable firewall before connecting.", nil)
end)()

 

 

assert(function()
for k,v in pairs(endpoint.am) do
if(EVAL(v.activescan, "EQ", "ok", "string")and EVAL (v.lastupdate, "LT", "2592000", "integer"))
then
return false
end
end
return CheckAndMsg(true, "Please install antimalware software before connecting.", nil)
end)()

0 Helpful
Customers Also Viewed These Support Documents