Solved

Cisco ASA 5540 - Anyconnect access to particular devices only

Posted on 2014-07-21
2
566 Views
Last Modified: 2014-07-22
Hello all -

Is it possible to use the Cisco ASA 5540 to block a user from coonecting via VPN using an IPAD but still allow his Windows laptop to connect?

Any advice would be great.

Thanks

J. Meza
0
Comment
Question by:CocoCounty
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 64

Accepted Solution

by:
btan earned 500 total points
ID: 40211630
There is Host Scan supported by Cisco Anyconnect that does a prelogin assessment checks for the following on the remote endpoint. These authentication data gathered can serves as the prelogin policy and Host Scan results, to apply a dynamic access policy (DAP) to the session.

–      Operating system
–      Presence or absence of any files you specify.
–      Presence or absence of any registry keys you specify. This check applies only if the computer is running Microsoft Windows.
–      Presence of any digital certificates you specify. This check also applies only if the computer is running Microsoft Windows.
–      IP address within a range you specify.

Starting with Cisco AnyConnect Secure Mobility Client Version 3.1, you can do posture assessment using HostScan. . It requires both the Cisco Adaptive Security Appliance and Cisco AnyConnect Secure Mobility Client. It is licensed through the Cisco AnyConnect Premium license. I did not manage to find any specific on 5540 but you can check this  5500-X example on using Lua expression to track specific mobile devices by their unique identifiers (UIDs). There are more other DAP example that cna be useful info for the lockdown checks

useful to check on more in Cisco AnyConnect Secure Mobility Solution FAQ
0
 

Author Comment

by:CocoCounty
ID: 40212466
Breadtan

Thanks for the information, I will start looking into it.
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
Envision that you are chipping away at another e-business site with a team of pundit developers and designers. Everything seems, by all accounts, to be going easily.
This video Micro Tutorial shows how to password-protect PDF files with free software. Many software products can do this, such as Adobe Acrobat (but not Adobe Reader), Nuance PaperPort, and Nuance Power PDF, but they are not free products. This vide…
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…

696 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question