Good day, is it possible to create different profile for different type of OS users to connect to ASA VPN? we have a bunch of WFH users and some have W7 (ya i know right..) and W10 - we would like to have both connecting to the same VPN but due to some security measures we have in place with W7 and O365 our split tunnel will not allow W7 to access MS related products. I was thinking on setting up 2 profiles, with with and one without split tunneling - any info is greatly appreciated.
How do you authenticate your users? LDAP or RADIUS?
If using RADIUS server such as ISE, you could profile the computers and authorise the users to a different ASA group-policies (which defines the split tunnel configuration) depending on whether the computer was Windows 7 or Windows 10.
Alternatively if using LDAP or RADIUS, you can assign the different users to different AD groups and apply a group-policy depending on their group membership.
Hi, Sorry, no that wasn't what I meant, I was just providing the different options depending on the method you maybe using.
If you are using RADIUS, group the users with different OS's into separate AD groups, then authorise those users and assign them to a different ASA group-policy, which can be applied via the RADIUS server.
We’re excited to announce new capabilities with Secure Endpoint that allow you to simplify your security and maximize your security operations: Unify your security stack and reduce agent fatigue with Cisco Secure Client; harness integrated risk-based vuln...
Listen: https://smarturl.it/CCRS8E47 Follow us: twitter.com/CiscoChampion
Ransomware, fileless malware, and zero-day attacks continue to target organizations around the world. In response, organizations have resorted to deploying a variety of di...
This is a general information page for Cisco Threat Centric (TC-NAC) with ISE
Threat Centric Network Access Control (TC-NAC) feature enables you to create authorization policies based on the threat and vulnerability attributes received from the th...
The 2021 IT Blog Awards, hosted by Cisco, is now open for submissions. Submit your blog, vlog or podcast today. For more information, including category details, the process, past winners and FAQs, check out: https://www.cisco.com/c/en/us/t...
Cisco Secure Endpoint (formerly AMP for Endpoints) will decommission legacy cloud servers, which results in Legacy Windows Connector Versions 3.x/4.x and Mac Connector Version 1.0.x ceasing to ...