Restrict VPN access based on computer name

We have a Cisco ASA that has VPN support.  Currently it authenticates via RADIUS based on the users domain user/password.  What we would like to do is also restrict access based on computer name so that users can only connect with corporate owned comptuers.  As such these computers would be a member of "domain computers".  For example if Jill Smith has a corporate laptop, she should be able to VPN from her house using the corporate laptop, but not using her personal computer.  Additionally we would like to be able to make a couple of exceptions for certain users such as the company owner.  I don't really want to have a rule that says "owner can connect with any computer" but rather have the ASA authenticate via the Domain Computers group and a custom list someplace where the connecting computer must be a member of one of those lists.
Any help with this will be greatly appreciated.
bruceleroyAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

lrmooreCommented:
You can get an Advanced Endpoint Assessment License that provides you with many options as to how to recognize a computer, how to recognize whether it is a corporate or personal, whether it has updated anti-virus, etc before you allow it to connect.
The base Secure Desktop Manager will give you many of these capabilities, just not as fine of control.
It only works with SSL VPN access
Using the Registry or File criteria, you can specify a registry setting that identifies the computer as a domain member, or a specific file that identifies it as a corporate owned computer.
http://www.ciscosystems.com/en/US/docs/security/csd/csd311/csd_for_asa/configuration/guide/CSDJwin.html

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Cisco

From novice to tech pro — start learning today.