View Cart
0 Items | Total: US$0.00
Welcome,      Register

You are here

SEC0410 - Firepower 7.0 AnyConnect VPN Dynamic Access Policy (DAP) (Part 2)

Rating: 
0
No votes yet
Difficulty Level: 
4
Lab Document: 
<Please login to see the content>

The video walks you through configuration of Dynamic Access Policy (DAP) for Cisco Secure Client (AnyConnect) on Cisco Firepower 7.0. Our scenarios includes using DAP to identify VPN client type and its posture status and enforce appropriate level of remote access. We will then look at an advance use of LUA script to detect install certificate on a VPN client. DAP is a Firepower self-contain alternative to Cisco ISE posture agent.

Part 2 of this video covers VPN client type detection

Topic:

  • Hostscan
  • Dynamic Access Policy (DAP) Setup
  • VPN Client Type Detection
    • Connection Profile
    • Registry Key
  • VPN Client Posture Check
    • Anti-Malware
    • Firewall
    • Process
  • Installed Certificate Detection
  • LUA Script
  • DAP Configuration File

About Author

Metha Chiewanichakorn, CCIE#23585 (Ent. Infra, Sec, SP), is a Cisco networking enthusiast with years of experience in the industry. He is currently working as a consulting engineer for a Cisco partner. As a founder of and an instructor at labminutes.com, Metha enjoys learning and challenges himself with new technologies.

Poll

Vote for the Next Video Series