View Cart
0 Items | Total: US$0.00
Welcome,      Register

You are here

SEC0279 - ISE 2.2 Posture Assessment with AnyConnect Client (Part 2)

Average: 5 (1 vote)
Difficulty Level: 
Lab Document: 
<Please login to see the content>
Video Download: 
Title: SEC0279 - Video Download $21.00
Purchase SEC0279 - Video Download $21.00
The video looks at posture assessment with AnyConnect on Cisco ISE 2.2. The main focus will be new posture checks introduced in recent ISE version, App Collection, Windows Firewall and Anti-Malware. Using wired Windows 10, we will step through the posture assessment process, starting with AnyConnect download, and, test auto-remediation to bring the machine to a compliant state. The video closes with ability to control applications with App Control.
Part 2 of this video covers Authorization Policy configuration and AnyConnect download
  • Posture Workcenter
  • Authorization Policies
  • Policy Elements
    • Results (Authorization Profile, dACL, VLAN)
  • Client Provisioning Policies
  • Client Provisioning Portal
  • AnyConnect Posture Profile and Configuration
  • Cisco AnyConnect Client with ISE Posture Module (Windows)
  • Posture Compliant/Non-Compliant/Unknown States
  • Posture Policies
    • App Collection
    • Windows Firewall
    • Windows Defender Anti-Malware
  • Posture Remediation
  • Application Control

About Author

Metha Cheiwanichakorn, CCIE#23585 (RS, Sec, SP), is a Cisco networking enthusiast with years of experience in the industry. He is currently working as a consulting engineer for a Cisco partner. As a founder of and an instructor at, Metha enjoys learning and challenges himself with new Cisco technologies.


Hello. Thank you, for your sharings. I want to clarify one thing. I want to make posture for Sponsored Guest Access network. I enabled it in CWA portal edit and created provisioning policy by condition "Guest Flow". After i enter guest username password it forwards me provisionin page as it was shown on flow. I accep java things and etc., but after i do everything no NAC Agent is downloaded. It just says "IP address renewal ...." and gives me internet access.

Just to clearify. Are you trying to use AnyConnect Posture Agent or NAC Web Agent?


I would like to deploy Anyconnect posture module with SCCM software distribution. How would i push the posture profile or the config to posture module?


Please refer to Cisco AnyConnect doc. It shows you how to put together a package and which directory to put them in. Below is also a post on Cisco community on the topic.

I have created redirect ACL at WLC the same way as mentioned in video for Switch but seems it is not working, is there any specific config for WLC posturing.


Which WLC model are you using? Do you see redirect ACL in the client session? What exactly is not working?

It worked, we just need to make an opposite of redirect ACLon WLC as compared to ASA, your videos helps a lot, thanks.