CSD, DAP, host scans, etc.
I have a Cisco ASA 5515, running Manager 9.0 (2) and device version 7.1 (2). What I want to do is to look at the SSL/AnyConnect customer requests, check to see if they are a PC company and allow them access so. If they are not, I would check for AV/Spyware/Firewall and start them / update if necessary, or deny access if they are absent, will not start or will not update. It seems to me that I need to implement a combination of features to achieve this. The problem I have is to understand what I really need. My ASA is allowed for AnyConnect Premium and Advanced Endpoint Assessment, so I think I have everything that I need, except the brain power to sort it.
Any help, such as good examples to follow would be very appreciated!
Yes, the AnyConnect Premium license more AEA using the CSD should cover what you need.
Have you had a glance at this whitepaper on configuring the dynamic access policies? In my view, it covers everything you want to do and then some.
Tags: Cisco Security
Similar Questions
-
I have a printer Dell V305 that worked very well, but I'm more able to print anything from my laptop. Scanning, etc. still works but not the printing part. I have Windows 7 64 bit. He has a solid orange light on.
Most often when a device does not work, it is because the driver is damaged. Re-install a new copy should help -
Software scanning etc. for psc1350 on Win7
Hi, I just installed my psc1350 on my Win7 laptop. Previously, he was on my Mac. The Mac has the HP software to scan etc. I installed all the software that I can find on the 2 CDs, being the one with the drivers and Setup and the Photosmart one, but can't find any scanner software. Can I print from the computer, but not send the scanner to the laptop. Is there another CD I lost or what? Download HP scanning software? I think that Image area is part of what I'm after.
See you soon,.
Pete
HP Image Zone has been replaced by the center of HP solutions a few years ago. Unfortunately there is no driver for Windows 7 for the recommended PSC 1350. You can use the workaround for scanning described in this link.
-
Using Microsoft® Windows Vista Home Basic Version 6.0.6001 Service Pack 1 Build 6001, I have my computer set up to install updates automatic update and scan with my AVG antivirus 8.5 from one day to the next, while the computer is in sleep. In the morning, when I wake up the computer it alerts me that there are updates available, and I have to click the balloon to install the updates. Meanwhile my anti virus is update solange wake up also. Both are supposed to occur automatically during the night. Shouldn't these scheduled etc. updates works even if the computer is asleep?
Hi daglo1963,
Thanks for posting on the Forum of responses of Vista.
When Vista is in "standby", like updating the activity is suspended.
I hope this helps.
Chris
Microsoft Answers Support Engineer
Visit our Microsoft answers feedback Forum and let us know what you think. -
Used MBAM to remove SystemTool, I'm prompted to delete, and then replace the HOSTS file. I can find it in the \etc folder and delete it, but when I use the window "save under" to replace it, I have one establish a path to the extent of the \drivers, and when I click it, there is no \etc folder. If I restore the HOSTS file and go again to remove it, there are the \etc folder. Need to market-thru of a fool for this problem. That's the limit of my computer expertise (or lack of same), so please remember that, in your response.
Thank you!
This FixIt will allow you to reset your HOSTS file to the default value for Windows:
http://support.Microsoft.com/kb/972034
If you still have problems later, it may be that the threat is always resident (because not all active traces have been removed). I suggest that you post a topic on theForum of Malware MBAM , because experts it can interpret your MBAM log and suggest other programs for analysis that will determine if the system tool is still there or if it came with the other 'buddies' who resisted the abduction:
Here is the preliminary program to produce required, logs before posting, you must run.
-
How to activate the scan of the computer
Hello
In order to activate the Scan of the computer, you will first need to install the printing software (available on www.hp.com > support > download drivers)
Once the Sw is installed, click on the HP Printer Wizard and there should be a "Manage the Scan to Computer" option on the scan tab.
Please click "Bravo Thumbs up" on the left, if it helped you and 'Accept as solution' If this helped solved your problem.
-
Connection disappeared for scanning etc via PC control
All of a sudden I lost communication with the printer for the "command" scan, a.s.o. Inc.-data for a few years, I could choose the type of scan (pdf, photo, e-mail) from my PC, but something happened and now I couldn't control anything. HPDr-program could communicate and "adjust the scanning. WIn 7 64 bit. I try to download new drivers, tried to connect both wireless and USB. That's happened?
Hi erhal,.
It seems to me that you were unable to delete the driver from the print server properties, and you have several icons printer Photosmart 5510 in 'units and printers '. Let's start with the removal of several printers.
Open printers by clicking the start , by clicking on Control Panel, hardware and sound, and then clickingPrinters.
Right-click the printer that you want to delete and then click on remove.
If you can't delete the printer, right-click again, click Run as administrator, and then click on remove. If you are prompted for an administrator password or a confirmation, type the password or provide confirmation.
- source
Once the printers are deleted, do not add the printer in this window, click Start > file HP > Photosmart 5510 folder > open HP Setup and software.
-
[Edited by host] scanned photo problem
I scanned a large number of photos for pdf files. Open with Adobe Reader XI. Recently found all files with the extensions of jdf, Adobe icon still left when it is opened from computer > with Adobe. Adobe Reader responded: format not supported load/file damaged. How to open files [edited for clarity]
I changed the extension he handmade in pdf format. The icon has changed to the previous version of Adobe, not open file.
What should do?
New scan is saved as a pdf with the old icon and it will open. Installed Adobe Reader CD
-
I have an Epson 625 / scan etc. I can't scan at all
Communication problems. I have attached a usb cable as requested. I also have wifi on this printer. I'm so confused. Which one should I use? I have it on a network, and yet he wanted a usb cable. Someone at - it a solution?
It's pretty hard to do a wireless wireless installation, it is common that these devices to be connected by a cable to do the installation and also install the drivers on the computer.
In your case, I suspect that you need a driver for Epson. Try their Web site for new drivers and also for the help forums. -
Cisco Scan host (Hostscan_3.1.04082 - k9.pkg)
Hello community,
I recently bought an evaluation license to check our remote users primarily, Advanced endpoint for our ASA5505 antivirus and firewall. What I understand, it's that this feature requires the above license and also Anyconnect Premium peer to be activated. My "show worm" indicates that these licenses are activated. See below.
The devices allowed for this platform:
The maximum physical Interfaces: 8 perpetual
VLAN: 20 unrestricted DMZ
Double ISP: Activated perpetual
VLAN Trunk Ports: 8 perpetual
The hosts on the inside: 50 perpetual
Failover: Active / standby perpetual
Encryption - A: enabled perpetual
AES-3DES-Encryption: activated perpetual
AnyConnect peers Premium: 10 perpetual
AnyConnect Essentials: Disabled perpetual
Counterparts in other VPNS: 25 perpetual
Total VPN counterparts: 25 perpetual
Shared license: disabled perpetual
AnyConnect for Mobile: activated perpetual
AnyConnect Cisco VPN phone: disabled perpetual
Assessment of Advanced endpoint: activated perpetual
Proxy UC phone sessions: 2 perpetual
Proxy total UC sessions: 2 perpetual
Botnet traffic filter: disabled perpetual
Intercompany Media Engine: Disabled perpetual
Cluster: Disabled perpetual
This platform includes an ASA 5505 Security Plus license.
Now to my question. What should I do to activate this feature? No matter what I try, the test of remote access from a Windows 8.1 with anyconnect 3.1.04072 all have access to the network regardless of my parameter in ASDM.
That's what I did after actication of license and a reboot:
1. from ASDM, 'Configuration'--> remote access VPN--> host Scan Image: Browse flash for
hostscan_3.1.04082 - k9.pkg and enabled "activate host Scan/CSD. Then apply and save.
2 restarted ASDM.
3. from ASDM,--> Configuration--> remote access VPN--> Secure Desktop Manager--> host Scan set up Advanced Endpoint Assessment worm 3.6.8133.2--> added F-secure.
4. apply and save.
When I try to connect with my 8.1 anyconnect - machine Windows (with no F-secure antivirus installed) I see that the Anyconnect client makes a hostscan but no matter what I do the machine will ignore my settings for Antivirus, etc. and get full access.
What Miss me? I have to create a DAP aswell, or shouldn't it work without one?
Note: Our Anyconnect authenticate using RADIUS with stimulus / response, but I guess that would not affect as the host-scan will be performed prior to authentication.
Thank you in advance,
Best regards
A DAP rule would take care of it. This is where you must create a rule to search for attributes of endpoint as process, files, the key to registry or something else. In light of criteria coupled or unmatched, you can decide to let them continue, quarantine or delete the connection. DAP rules are capable of much more, but from reading the above, it seems that you are wanting to do either connect or disconnect the installed AV-based. Does that answer your question?
Thank you.
Joe
-
vCAC 6.0: keep coming back after the reboot of the file/etc/hosts
HI guys,.
I am running vCAC 6.0, I noticed that on my identity server's host name is not COMPLETE and I also noticed that I have big fingers DNS server settings. I can fix this in the user interface and I confirmed that the/etc/hosts and /etc/resolv.conf have been updated correctly.
However, if I reboot the server all restores the original files. Same thing if I modify the file manually with VI.
I saw exactly the same thing with vCOPs.
Any ideas?
Ben
I am not sure what is causing the reversion. Reinstall the identity a vCAC using the FQDN and things got appropriate DNS works...
Ben
-
How to know the host name using IP SCAN
Hello
It is possible to know the hostname from / IP address using the IP configured SCAN?
Please do not give me the links for - what is SCAN IP and how it works... Please
Just trying to find out whether it is possible or not.
Thanks in advance.
Kind regards
Mukesh
Hello
> Is it possible to know the hostname from / IP address using the IP configured SCAN
What hostname... database hostname name clustered...? If so you can not, because the IP SCAN is not assigned to any host, SCAN name is defined in DNS that resolves the 3 IPs in the method of Robin, hope this clarified your question.
-
vSphere Host Update Utility Scan Failed
Hello world
I recently updated my Dell PE2950iii ESXi 3.5 Embedded 4.0. After the upgrade, I was unable to patch the host after scanning and download the 2 patches available with success. So I decided (after reading the post of the user) to perform the repair on the CD of ESXi 4 option. The repair went through fine without any visible error. Now that I tried to scan and patch my host, I get an error that referred me to a viu - 3 log file. I'm not not to clear on how to read but I managed to find this piece of info that may be useful to determine what is at fault in my setup.
2009-11-18 17:10:15.328 msg: cache location: / tmp/updatecache cache size: 260408 MB
2009-11-18 17:10:15.328 msg: wrapper scan Host: scanning (all) started.
2009-11-18 17:10:15.328 inf: managed fix manager using metadata URL:
2009-11-18 17:10:15.328 inf: begin to download files to the host
2009-11-18 17:10:15.328 inf: event posted: begin to download files to the host
2009-11-18 17:10:15.328 inf: file: C:\Documents and Settings\All Users\Application Data\VMware\VMware VI Update/vmw/metadata/vmw-ESXi-4.0.0-metadata.zip to: /tmp/updatecache/vmw-ESXi-4.0.0-metadata.zip
2009-11-18 17:10:15.328 inf: managed Manager patch file download, CBC: C:\Documents and Settings\All Users\Application Data\VMware\VMware VI Update/vmw/metadata/vmw-ESXi-4.0.0-metadata.zip, dst: /tmp/updatecache/vmw-ESXi-4.0.0-metadata.zip
2009-11-18 17:10:15.328 msg: host scanner scanning (all) wrapper has no : I/o error has occurred. Failure details: System.IO.IOException: I/o error has occurred.
Can someone advise me please on how to proceed?
I'm sorry, I worked 10 hours and my eyes start to fail. I thought you had 0 space free not 0% used.
Forget it. Try to run from the console:
esxupdate -m https://hostupdate.vmware.com/software/VUM/PRODUCTION/vmw/vmw-ESXi-4.0.0-metadata.zip scan
and
esxupdate -m https://hostupdate.vmware.com/software/VUM/PRODUCTION/vmw/vmw-ESXi-4.0.0-metadata.zip update
and paste the results.
-
Hi all
I'm trying to assign the attribute DAP users VPN (Anyconnect 3.0 +) who fulfil certain conditions of registry. When setting up political DAP, while selecting the condition of the register, it is in error as "secure desktop cisco (CSD) is not enabled, CSD should be enabled to configure the registry endpoint attribute. But as I link percevied, to check the attribute registry "scan host' which is integrated in the module anyconnect 3.0 will be charged. So why he asks me to activate the CSD? CSD is really necessary to verify the registry attribute even if we use anyconenct 3.0 +? Any pointer
The end of the ASA must be activated and more bits based on AnyConnect.
Notes elsewhere in the link you quoted, it is said ' host Scan automatically identifies the operating systems and service packs on any remote device establishing a clientless SSL VPN and AnyConnect Cisco client session and when the host Scan/CSD or CSD is activated on the SAA. " (emphasis added).
FYI Cisco is to denigrate these features over time for the Posture of scanning at the ISE in conjunction with the new posture AnyConnect 4.0 module.
-
The generic host error and 100% CPU usage
OK, I have a friend who has a problem that I tried to help him.
two different problems what I beliave are related to each other. About every 4 hours a serive generic host error will go up. The only thing can be made once this error occurs, is a reboot. Sometimes this error happens at different times, but especially at intervals of 4 hours.
Second problem is that one of the svchost.exe process will peg the CPU at 100%. Sometimes the generic host service will pass about 10 min. after that the CPU will 100% sometimes if you leave sit PC long enough for svchost.exe CPU utilization will be brought back to normal. It may take up to an hour or even longer.
This PC had Mcafee at least 2 years, and all windows updates and dat files are updated. So it shouldn't be a virus. It is not get used for much more then the e-mail and web browsing lite. I have seen some information about the windows auto updater causing problem and followed the instructions to fix this. It will appear to work for the rest of the day then get back to the top. I ran about 5 different virus, spyware, malware, scans etc. on it and he comes clean each time. I've been a PC Tech for 12 years and checked and tried about everything I can think of short of formatting and to start over, the list of what I've tried is long to enumerate hear. I hope input fresh can help pinpoint the problem.
I never liked using a clean install as a miracle solution. You never hear anything like that, more it can be a big pain in the rear to the person using the PC. So, any help would be appreciated!
the PC is under Win XP SP3
Please check this utilities
File name: fix generic host of microsoft.zip
Download link: http://download552.mediafire.com/ec1vcmlflrmg/dw4m0nzzyv3/generic+host+fix++from+microsoft.zip
File name: Generic Host Process for Win32 Services error FIX.rar
Download link: http://download854.mediafire.com/4uq4ezbelbog/xllawtnuazj/Generic+Host+Process+for+Win32+Services+Error+FIX.rar
File name: windows to doors cleaner.exe
Download link: http://download919.mediafire.com/ykd77aa8bhdg/qzmzvwzymnm/windows+worms+doors+cleaner.exe
Concerning
Jinish.K.G
RRC Cochin
Maybe you are looking for
-
Disappearance of new tab + sign * on the tabs them *.
After searching this forum to address this issue, it is obvious that those who responded do not understand the problem; at least the problem that I and many others whose questions I read wanted. On each firefox tab, on the right side * of the tab its
-
I dropped my laptop and now the screen is yellow tint
Hello Recently, I dropped my laptop and turned it on to find that the screen is tinged with yellow.Toshiba will be able to replace my screen?
-
Any way to enable Swype on TPT?
-
I get GfxUI every time I open my computer
get a GfxUI every time I opened my computer it dose average? how it go down
-
original title: user account problems... Somehow, the guest on our laptop with Vista account now is administrator. I can't turn it off. I can not move the other user account to the administrator, nor can I create a new account. Something has happe