You are here: Home / Archives for AnyConnect 3.0

Should You Be Using Cisco AnyConnect?

August 2, 2011 By Leave a Comment

It’s hard these days to keep on top if the latest and greatest when marketing keeps changing things. I think that’s why a lot of people are sometimes hesitant to migrate an existing deployment to a new version. I have heard more than once that “its the same old stuff in a different package.” That’s not true in the case of Cisco’s AnyConnect Secure Mobility Client v3.0. How so? Let’s look at a few points.

A Single Client For All Your Needs

The New AnyConnect client now packages multiple functions. In the past the Secure Services Client, CSSC was installed to provide enhanced authentication capabilities for wired and wireless networks. This is now part of the AnyConnect Solutions. It’s called the Network Access Manager.

Do you recall the Cisco NAC Client? It’s now packaged into AnyConnect and is called the AnyConnect Posture Module.

There’s also the Web Security Module and Telemetry Module.

All-in-all this client simplifies life with a one stop shop for Cisco Client installs.

Multiple OS Support

Windows, Mac, Linux, iOS devices… It’s pretty much available on the mainstream OS’s.

Cool Features

There are some cool features built into it like Trusted Network Detection, Always-On, Start-Before-Logon, and so on. You can configure these with ASDM and when the client connects it downloads any updates to the client profile. It makes it pretty simple to deploy.

IPsec Anyone?

AnyConnect 3.0 supports IKEv2, which means if you use an ASA running OS 8.4 you can use the any connect client for IPSec connectivity as well, further reducing the number of clients you have to deal with.

My Take

While there are a few things that bother me about the client, like the fact that Cisco Secure Desktop doesn’t launch if you connect in with the AnyConnect Client, but it will if you connect in via web launch, I would say it’s worth migrating to. I don’t think there is a large enough user base of Cisco Secure Desktop to make the little quirky “features” like that matter to most people.

How to Get Started

To get started with a migration you’ll need to upgrade to ASA 8.4. This may require a memory upgrade on your devices, but the features that are now available in the ASA make it worthwhile. Talk to your Cisco rep if you have any questions of course, and have fun with it. It’s not a perfect technology but it certainly has some cool capabilities.

Filed Under: AnyConnect 3.0, ASA VPN Tagged With: , ,

AnyConnect 3.0 Client Profiles

June 18, 2011 By Leave a Comment

The Cisco AnyConnect 3.0 Security Mobility Client has made some really neat changes. In doing some development recently I have had the opportunity to spend some time working with this version. I have to say that I do like it. But there are little gotcha’s that I figured I would share.

My Lab Topology is fairly simple. Basically I have a client on the outside and a server on the inside.

Acp1

I’m not so concerned with connecting to the server right now, but more so, I’m concerned with how I can centrally apply policy to my clients and then have them updated. To make the changes to the client, including company customization I am using the AnyConnect Profile Editor that’s embedded in ASDM. You can see the configuration page in the image below.
[Read more...]

Filed Under: AnyConnect 3.0, ASA VPN Tagged With: , ,

Social Widgets powered by AB-WebLog.com.