?
Solved

Cisco ASA 5540 - Anyconnect access to particular devices only

Posted on 2014-07-21
2
Medium Priority
?
569 Views
Last Modified: 2014-07-22
Hello all -

Is it possible to use the Cisco ASA 5540 to block a user from coonecting via VPN using an IPAD but still allow his Windows laptop to connect?

Any advice would be great.

Thanks

J. Meza
0
Comment
Question by:CocoCounty
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 64

Accepted Solution

by:
btan earned 2000 total points
ID: 40211630
There is Host Scan supported by Cisco Anyconnect that does a prelogin assessment checks for the following on the remote endpoint. These authentication data gathered can serves as the prelogin policy and Host Scan results, to apply a dynamic access policy (DAP) to the session.

–      Operating system
–      Presence or absence of any files you specify.
–      Presence or absence of any registry keys you specify. This check applies only if the computer is running Microsoft Windows.
–      Presence of any digital certificates you specify. This check also applies only if the computer is running Microsoft Windows.
–      IP address within a range you specify.

Starting with Cisco AnyConnect Secure Mobility Client Version 3.1, you can do posture assessment using HostScan. . It requires both the Cisco Adaptive Security Appliance and Cisco AnyConnect Secure Mobility Client. It is licensed through the Cisco AnyConnect Premium license. I did not manage to find any specific on 5540 but you can check this  5500-X example on using Lua expression to track specific mobile devices by their unique identifiers (UIDs). There are more other DAP example that cna be useful info for the lockdown checks

useful to check on more in Cisco AnyConnect Secure Mobility Solution FAQ
0
 

Author Comment

by:CocoCounty
ID: 40212466
Breadtan

Thanks for the information, I will start looking into it.
0

Featured Post

Get proactive database performance tuning online

At Percona’s web store you can order full Percona Database Performance Audit in minutes. Find out the health of your database, and how to improve it. Pay online with a credit card. Improve your database performance now!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Cybersecurity has become the buzzword of recent years and years to come. The inventions of cloud infrastructure and the Internet of Things has made us question our online safety. Let us explore how cloud- enabled cybersecurity can help us with our b…
Compliance and data security require steps be taken to prevent unauthorized users from copying data.  Here's one method to prevent data theft via USB drives (and writable optical media).
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question