CHAPT ER
76-1
Cisco ASA 5500 Series Configuration Guide using the CLI
76
Configuring AnyConnect Host Scan
The AnyConnect Posture Module provides the AnyConnect Secure Mobility Client the ability to identify
the operating system, anti-virus, anti-spyware, and firewall software installed on the host. The Host Scan
application gathers this information.
Using the secure desktop manager tool in the Adaptive Security Device Manager (ASDM), you can
create a prelogin policy which evaluates the operating system, anti-virus, anti-spyware, and firewall
software Host Scan identifies. Based on the result of the prelogin policy’s evaluation, you can control
which hosts are allowed to create a remote access connection to the security appliance.
The Host Scan support chart contains the product name and version information for the anti-virus,
anti-spyware, and firewall applications you use in your prelogin policies. We deliver Host Scan and the
Host Scan support chart, as well as other components, in the Host Scan package.
Starting with AnyConnect Secure Mobility Client, release 3.0, Host Scan is available separately from
CSD. This means you can deploy Host Scan functionality without having to install CSD and you will be
able to update your Host Scan support charts by upgrading the latest Host Scan package.
Posture assessment and the AnyConnect telemetry module require Host Scan to be installed on the host.
This chapter contains the following sections:
Host Scan Dependencies and System Requirements, page 76-1
Host Scan Packaging, page 76-2
Installing and Enabling Host Scan on the ASA, page76-3
Other Important Documentation Addressing Host Scan, page76-7

Host Scan Dependencies and System Requirements

Dependencies

The AnyConnect Secure Mobility Client with the posture module requires these minimum ASA
components:
ASA 8.4
ASDM 6.4
These AnyConnect features require that you install the posture module.
SCEP authentication