76-7
Cisco ASA 5500 Series Configuration Guide using the CLI
Chapter76 Configuring AnyConnect Host Scan
Other Important Documentation Addressing Host Scan
Other Important Documentation Addressing Host Scan
Once Host Scan gathers the posture credentials from the endpoint computer, you will need to understand
subjects like, configuring prelogin policies, configuring dynamic access policies, and using Lua
expressions to make use of the information.
These topics are covered in detail in these documents:
Cisco Secure Desktop Configuration Guides
Cisco Adaptive Security Device Manager Configuration Guides
See also the Cisco AnyConnect Secure Mobility Client Administrator Guide, Release 3.0 for more
information about how Host Scan works with AnyConnect clients.
Step4 hostname(config-group-webvpn)# anyconnect modules
value AnyConnect Module Name
Example:
hostname(config-group-webvpn)# anyconnect modules
value websecurity,telemetry,posture
Configures the group policy to download AnyConnect
feature modules for all users in the group. The value of
the anyconnect module command can contain one or
more of the following values. When specifying more than
one module, separate the values with a comma.
value AnyConnect Module Name
dart AnyConnect DART (Diagnostics and
Reporting Tool)
nam AnyConnect Network Access Manager
vpngina AnyConnect SBL (Start Before Logon)
websecurity AnyConnect Web Security Module
telemetry AnyConnect Telemetry Module
posture AnyConnect Posture Module
none Used by itself to remove all AnyConnect
modules from the group policy.
To remove one of the modules, re-send the command
specifying only the module values you want to keep. For
example, this command removes the websecurity
module:
hostname(config-group-webvpn)# anyconnect modules
value telemetry,posture
Step5 write memory
Example:
hostname(config-group-webvpn)# write memory
Saves the running configuration to flash.
After successfully saving the new configuration to flash
memory, you receive the message [OK] and the ASA
returns you to this prompt:
hostname(config-group-webvpn)#
Command Purpose