CSD, DAP, host scans, etc.

I have a Cisco ASA 5515, running Manager 9.0(2) and device version 7.1(2).  What I want to do is look at the SSL/AnyConnect client requests, check to see if they come from a company PC and, if so, allow them access.  If they do not, I would check for AV/Spyware/Firewall and start / update them if necessary, or deny access if they are absent, will not start or will not update.  It seems to me that I need to implement a combination of features to achieve this.  The problem I have is understanding what I really need.  My ASA is licensed for AnyConnect Premium and Advanced Endpoint Assessment, so I think I have everything that I need, except the brain power to sort it out.

Any help, such as good examples to follow, would be much appreciated!

Yes, the AnyConnect Premium license plus AEA, using CSD, should cover what you need.

Have you had a look at this whitepaper on configuring dynamic access policies? In my view, it covers everything you want to do and then some.

Tags: Cisco Security

Similar Questions

  • Dell V305 printer does not print anything and it used to work properly. Still scans, etc., everything will not print.

    I have a Dell V305 printer that worked very well, but I'm no longer able to print anything from my laptop. Scanning, etc. still works but not the printing part. I have Windows 7 64 bit. It has a solid orange light on.

    Most often when a device does not work, it is because the driver is damaged.  Reinstalling a fresh copy should help.

    http://Windows.Microsoft.com/en-us/Windows7/update-a-driver-for-hardware-that-isn ' t-work correctly? SignedIn = 1

  • Software scanning etc. for psc1350 on Win7

    Hi, I just installed my psc1350 on my Win7 laptop.  Previously, it was on my Mac.  The Mac has the HP software to scan etc.  I installed all the software that I can find on the 2 CDs, being the one with the drivers and Setup and the Photosmart one, but can't find any scanner software.  I can print from the computer, but not send scans to the laptop.   Is there another CD I lost or what?  Download HP scanning software?   I think that Image Zone is part of what I'm after.

    See you soon,

    Pete

    HP Image Zone was replaced by HP Solution Center a few years ago. Unfortunately there is no recommended Windows 7 driver for the PSC 1350.  You can use the workaround for scanning described in this link.

  • In Windows Vista Home Basic automatic updates, anti virus updates and scans, etc. are not made during the night while the computer is in sleep.

    Using Microsoft® Windows Vista Home Basic Version 6.0.6001 Service Pack 1 Build 6001, I have my computer set up to install automatic updates and to update and scan with my AVG antivirus 8.5 overnight, while the computer is asleep. In the morning, when I wake up the computer it alerts me that there are updates available, and I have to click the balloon to install the updates. Meanwhile my antivirus is updating on wake-up as well. Both are supposed to occur automatically during the night. Shouldn't these scheduled updates etc. work even if the computer is asleep?

    Hi daglo1963,

    Thanks for posting on the Vista Answers forum.

    When Vista is in "standby", activity such as updating is suspended.

    I hope this helps.

    Chris
    Microsoft Answers Support Engineer
    Visit our Microsoft answers feedback Forum and let us know what you think.

  • Removed the SystemTool malware, now a problem removing/repairing the HOSTS file. \etc folder disappears and reappears

    I used MBAM to remove SystemTool; I'm now prompted to delete and then replace the HOSTS file.  I can find it in the \etc folder and delete it, but when I use the "Save As" window to replace it, I can only follow the path as far as \drivers, and when I click it, there is no \etc folder.  If I restore the HOSTS file and go to remove it again, the \etc folder is there.  I need a walk-through for dummies for this problem.  That's the limit of my computer expertise (or lack of same), so please remember that in your response.

    Thank you!

    This FixIt will allow you to reset your HOSTS file to the default value for Windows:

    http://support.Microsoft.com/kb/972034

    If you still have problems later, it may be that the threat is still resident (because not all active traces have been removed). I suggest that you post a topic on the MBAM Malware Forum, because the experts there can interpret your MBAM log and suggest other programs for analysis that will determine whether SystemTool is still there or whether it came with other 'buddies' that resisted removal:

    Here is the preliminary program you must run to produce the required logs before posting.

  • Scan, etc.

    How to activate the scan of the computer

    Hello

    In order to activate the Scan of the computer, you will first need to install the printing software (available on www.hp.com > support > download drivers)

    Once the Sw is installed, click on the HP Printer Wizard and there should be a "Manage the Scan to Computer" option on the scan tab.

    Please click "Bravo Thumbs up" on the left, if it helped you and 'Accept as solution' If this helped solved your problem.

  • Connection disappeared for scanning etc via PC control

    All of a sudden I lost communication with the printer for the "command" scan, a.s.o. For a few years I could choose the type of scan (pdf, photo, e-mail) from my PC, but something happened and now I can't control anything. HPDr-program could communicate and "adjust the scanning. Win 7 64 bit. I tried to download new drivers and tried to connect by both wireless and USB. What's happened?

    Hi erhal,

    It seems to me that you were unable to delete the driver from the print server properties, and you have several Photosmart 5510 printer icons in 'Devices and Printers'. Let's start with the removal of the extra printers.

    1. Open Printers by clicking Start, clicking Control Panel, Hardware and Sound, and then clicking Printers.

    2. Right-click the printer that you want to delete and then click Remove.

      If you can't delete the printer, right-click again, click Run as administrator, and then click Remove.  If you are prompted for an administrator password or a confirmation, type the password or provide confirmation.

      - source

      Once the printers are deleted, do not add the printer in this window; click Start > HP folder > Photosmart 5510 folder > open HP Setup and Software.

  • [Edited by host] scanned photo problem

    I scanned a large number of photos to pdf files and opened them with Adobe Reader XI. I recently found that all the files have the extension jdf; the Adobe icon is still there when they are opened from Computer > with Adobe. Adobe Reader responded: format not supported/file damaged.  How do I open the files? [edited for clarity]

    I changed the extension by hand to pdf. The icon changed to the previous version of Adobe, but the file does not open.

    What should I do?

    A new scan is saved as a pdf with the old icon and it will open. Installed Adobe Reader from CD.

  • I have an Epson 625 / scan etc. I can't scan at all

    Communication problems.  I have attached a usb cable as requested.  I also have wifi on this printer.  I'm so confused.  Which one should I use?  I have it on a network, and yet it wanted a usb cable.  Does anyone have a solution?

    It's pretty hard to do a wireless installation without wires; it is common for these devices to be connected by a cable to do the installation and also to install the drivers on the computer.

    In your case, I suspect that you need a driver for Epson.  Try their Web site for new drivers and also for the help forums.

  • Cisco Host Scan (Hostscan_3.1.04082-k9.pkg)

    Hello community,

    I recently bought an evaluation license, Advanced Endpoint Assessment, for our ASA5505, primarily to check our remote users' antivirus and firewall. As I understand it, this feature requires the above license and also AnyConnect Premium peers to be activated. My "show ver" indicates that these licenses are activated. See below.

    The devices allowed for this platform:

    The maximum physical Interfaces: 8 perpetual

    VLAN: 20 unrestricted DMZ

    Double ISP: Activated perpetual

    VLAN Trunk Ports: 8 perpetual

    The hosts on the inside: 50 perpetual

    Failover: Active / standby perpetual

    Encryption - A: enabled perpetual

    AES-3DES-Encryption: activated perpetual

    AnyConnect peers Premium: 10 perpetual

    AnyConnect Essentials: Disabled perpetual

    Counterparts in other VPNS: 25 perpetual

    Total VPN counterparts: 25 perpetual

    Shared license: disabled perpetual

    AnyConnect for Mobile: activated perpetual

    AnyConnect Cisco VPN phone: disabled perpetual

    Assessment of Advanced endpoint: activated perpetual

    Proxy UC phone sessions: 2 perpetual

    Proxy total UC sessions: 2 perpetual

    Botnet traffic filter: disabled perpetual

    Intercompany Media Engine: Disabled perpetual

    Cluster: Disabled perpetual

    This platform includes an ASA 5505 Security Plus license.

    Now to my question. What should I do to activate this feature? No matter what I try, remote-access tests from a Windows 8.1 machine with AnyConnect 3.1.04072 all get access to the network regardless of my settings in ASDM.

    This is what I did after activating the license and rebooting:

    1. From ASDM, Configuration --> Remote Access VPN --> Host Scan Image: browsed flash for hostscan_3.1.04082-k9.pkg and enabled "activate host Scan/CSD". Then apply and save.

    2. Restarted ASDM.

    3. From ASDM --> Configuration --> Remote Access VPN --> Secure Desktop Manager --> Host Scan: set up Advanced Endpoint Assessment ver 3.6.8133.2 --> added F-Secure.

    4. Apply and save.

    When I try to connect with my Windows 8.1 AnyConnect machine (with no F-Secure antivirus installed), I see that the AnyConnect client performs a host scan, but no matter what I do the machine ignores my settings for antivirus, etc. and gets full access.

    What am I missing? Do I have to create a DAP as well, or shouldn't it work without one?

    Note: Our AnyConnect authenticates using RADIUS with challenge/response, but I guess that would not affect this, as the host scan is performed prior to authentication.

    Thank you in advance,

    Best regards

    A DAP rule would take care of it. This is where you create a rule that looks for endpoint attributes such as processes, files, registry keys or something else. Depending on whether the criteria match or not, you can decide to let them continue, quarantine them or terminate the connection. DAP rules are capable of much more, but from reading the above, it seems that you want to either connect or disconnect based on the installed AV. Does that answer your question?

    Thank you.

    Joe

  • vCAC 6.0: /etc/hosts file keeps reverting after reboot

    Hi guys,

    I am running vCAC 6.0. I noticed that on my identity server the host name is not complete, and I also noticed that I fat-fingered the DNS server settings.  I can fix this in the user interface and I confirmed that /etc/hosts and /etc/resolv.conf have been updated correctly.

    However, if I reboot the server, it restores all the original files.  Same thing if I modify the files manually with vi.

    I saw exactly the same thing with vCOPs.

    Any ideas?

    Ben

    I am not sure what was causing the reversion.  I reinstalled the identity appliance and vCAC using the FQDN and the appropriate DNS, and things work...

    Ben

  • How to know the host name using IP SCAN

    Hello

    Is it possible to know the hostname / IP address using the configured SCAN IP?

    Please do not give me links on what SCAN IP is and how it works... Please

    Just trying to find out whether it is possible or not.

    Thanks in advance.

    Kind regards

    Mukesh

    Hello

    > Is it possible to know the hostname / IP address using the configured SCAN IP

    Which hostname... the clustered database host name...? If so, you cannot, because the SCAN IP is not assigned to any host; the SCAN name is defined in DNS and resolves to the 3 IPs in round-robin fashion. Hope this clarifies your question.

  • vSphere Host Update Utility Scan Failed

    Hello world

    I recently updated my Dell PE2950iii from ESXi 3.5 Embedded to 4.0. After the upgrade, I was unable to patch the host after successfully scanning and downloading the 2 available patches. So I decided (after reading a user's post) to run the repair option on the ESXi 4 CD. The repair went through fine without any visible error. Now when I try to scan and patch my host, I get an error that refers me to a viu - 3 log file. I'm not too clear on how to read it, but I managed to find this piece of info that may be useful in determining what is at fault in my setup.

    2009-11-18 17:10:15.328 msg: cache location: / tmp/updatecache cache size: 260408 MB

    2009-11-18 17:10:15.328 msg: wrapper scan Host: scanning (all) started.

    2009-11-18 17:10:15.328 inf: managed fix manager using metadata URL:

    2009-11-18 17:10:15.328 inf: begin to download files to the host

    2009-11-18 17:10:15.328 inf: event posted: begin to download files to the host

    2009-11-18 17:10:15.328 inf: file: C:\Documents and Settings\All Users\Application Data\VMware\VMware VI Update/vmw/metadata/vmw-ESXi-4.0.0-metadata.zip to: /tmp/updatecache/vmw-ESXi-4.0.0-metadata.zip

    2009-11-18 17:10:15.328 inf: managed Manager patch file download, CBC: C:\Documents and Settings\All Users\Application Data\VMware\VMware VI Update/vmw/metadata/vmw-ESXi-4.0.0-metadata.zip, dst: /tmp/updatecache/vmw-ESXi-4.0.0-metadata.zip

    2009-11-18 17:10:15.328 msg: host scanner scanning (all) wrapper has no : I/o error has occurred. Failure details: System.IO.IOException: I/o error has occurred.

    Can someone advise me please on how to proceed?

    I'm sorry, I worked 10 hours and my eyes start to fail. I thought you had 0 space free not 0% used.

    Forget it. Try to run from the console:

     esxupdate -m https://hostupdate.vmware.com/software/VUM/PRODUCTION/vmw/vmw-ESXi-4.0.0-metadata.zip scan
    

    and

     esxupdate -m https://hostupdate.vmware.com/software/VUM/PRODUCTION/vmw/vmw-ESXi-4.0.0-metadata.zip update
    

    and paste the results.

  • Option of DAP for the verification of the registry for remote access VPN Anyconnect v 3.0 + users

    Hi all

    I'm trying to assign DAP attributes to VPN users (AnyConnect 3.0+) who fulfil certain registry conditions. When setting up the DAP policy, while selecting the registry condition, it gives the error "Cisco Secure Desktop (CSD) is not enabled, CSD should be enabled to configure the registry endpoint attribute". But as I perceived from the link, checking the registry attribute is handled by "Host Scan", which is integrated in the AnyConnect 3.0 module. So why is it asking me to activate CSD? Is CSD really necessary to verify the registry attribute even if we use AnyConnect 3.0+? Any pointers?

    It must be activated on the ASA end, plus the AnyConnect-based bits.

    Note that elsewhere in the link you quoted, it says "Host Scan automatically identifies the operating systems and service packs on any remote device establishing a clientless SSL VPN and Cisco AnyConnect client session and when Host Scan/CSD or CSD is activated on the ASA." (emphasis added).

    FYI, Cisco is deprecating these features over time in favor of posture scanning on ISE in conjunction with the new AnyConnect 4.0 posture module.

  • The generic host error and 100% CPU usage

    OK, I have a friend who has a problem that I tried to help him.

    There are two different problems which I believe are related to each other. About every 4 hours a generic host service error will come up. The only thing that can be done once this error occurs is a reboot. Sometimes this error happens at different times, but mostly at intervals of 4 hours.

    The second problem is that one of the svchost.exe processes will peg the CPU at 100%. Sometimes the generic host service error will appear about 10 min. after the CPU hits 100%; sometimes, if you leave the PC sitting long enough, svchost.exe CPU utilization will come back to normal. It may take up to an hour or even longer.

    This PC has had McAfee for at least 2 years, and all Windows updates and dat files are up to date. So it shouldn't be a virus. It does not get used for much more than e-mail and light web browsing. I have seen some information about the Windows auto updater causing problems and followed the instructions to fix this. It will appear to work for the rest of the day and then the problem comes back. I ran about 5 different virus, spyware, malware scans etc. on it and it comes up clean each time. I've been a PC tech for 12 years and checked and tried about everything I can think of short of formatting and starting over; the list of what I've tried is too long to enumerate here. I hope fresh input can help pinpoint the problem.

    I never liked using a clean install as a miracle solution. You never learn anything that way, plus it can be a big pain in the rear for the person using the PC. So, any help would be appreciated!

    the PC is under Win XP SP3

    Please check this utilities

    File name: fix generic host of microsoft.zip

    Download link: http://download552.mediafire.com/ec1vcmlflrmg/dw4m0nzzyv3/generic+host+fix++from+microsoft.zip

    File name: Generic Host Process for Win32 Services error FIX.rar

    Download link: http://download854.mediafire.com/4uq4ezbelbog/xllawtnuazj/Generic+Host+Process+for+Win32+Services+Error+FIX.rar

    File name: windows to doors cleaner.exe

    Download link: http://download919.mediafire.com/ykd77aa8bhdg/qzmzvwzymnm/windows+worms+doors+cleaner.exe

    Regards

    Jinish.K.G

    RRC Cochin
