Transcription
AnyConnect Secure Mobility ClientFeatures, Licenses, and OSs, Release4.10This document identifies the AnyConnect release 4.10 features, license requirements, and endpoint operatingsystems that AnyConnect features support.Supported Operating SystemsCisco AnyConnect Secure Mobility Client 4.10 supports the following operating systems.Operating SystemVersionWindowsMicrosoft-supported versions of Windows 10 forARM64-based PCs (VPN client, DART, ISE posture, andHostScan)Current Microsoft supported versions of Windows 10x64(64-bit)Windows 8.1 x86(32-bit) and x64(64-bit)macOSmacOS 11.x (64-bit), 10.15(64-bit), and 10.14(64-bit)LinuxRed Hat 8 and 7 (64-bit)Ubuntu 20.04, 18.04, and 16.04 (all 64-bit)Note: Limited extended support for Windows 7 will be provided for customers who have active Windows 7extended support contracts with Microsoft. Although Cisco no longer performs substantial quality assurancetesting on Windows 7, issues will be resolved whenever possible. Cisco highly recommends upgrading to thelatest version of AnyConnect and Windows to take advantage of security enhancements. Cisco no longer supportsAnyConnect releases for Windows XP.See the Release Notes for Cisco AnyConnect Secure Mobility Client for OS requirements and support notes. Seethe Supplemental End User Agreement (SEULA) for licensing terms and conditions. See the Cisco AnyConnectOrdering Guide for a breakdown of orderability and the specific terms and conditions of the various licenses.See the Feature Matrix below for license information and operating system limitations that apply to AnyConnectmodules and features.AnyConnect 4.3 (and later) has moved to the Visual Studio (VS) 2015 build environment and requires VSredistributable files for its Network Access Manager module functionality. These files are installed as part of theinstall package. You can use the .msi files to upgrade the Network Access Manager module to 4.3 (or later), butthe AnyConnect Security Mobility Client must be upgraded first and running release 4.3 (or later).Also, with the addition of the AnyConnect Umbrella Roaming Security Module, Microsoft .NET 4.0 is required.Cisco Systems, Inc.www.cisco.com1
AnyConnect Secure Mobility Client Features, Licenses, and OSs, Release 4.10Supported Cryptographic AlgorithmsSupported Cryptographic AlgorithmsThe following table lists the cryptographic algorithms supported by AnyConnect. The cryptographic algorithmsand cipher suites are shown in the order of preference, most to least. This preference order is dictated by Cisco’sProduct Security Baseline to which all Cisco products must comply. Note that the PSB requirements change fromtime to time so the cryptographical algorithms supported by subsequent versions of AnyConnect will changeaccordingly.TLS 1.2 and DTLS 1.2 Cipher Suites (VPN)Table 1TLS 1.2 and DTLS 1.2 Cipher Suites (VPN)Standard RFC Naming ConventionOpenSSL Naming ConventionTLS ECDHE RSA WITH AES 256 GCM SHA384ECDHA-RSA-AES256-GCM-SHA384TLS ECDHE ECDSA WITH AES 256 GCMSHA384ECDHE-ECDSA-AES256-GCM-SHA384TLS ECDHE RSA WITH AES 256 CBC SH ECDHE-RSA-AES256-SHA384A384TLS ECDHE ECDSA WITH AES 256 CBC ECDHE-ECDSA-AES256-SHA384SHA384TLS DHE RSA WITH AES 256 GCM SHA3 DHE-RSA-AES256-GCM-SHA38484TLS DHE RSA WITH AES 256 CBC SHA256DHE-RSA-AES256-SHA256TLS RSA WITH AES 256 GCM SHA384AES256-GCM-SHA384TLS RSA WITH AES 256 CBC SHA256AES256-SHA256TLS RSA WITH AES 256 CBC SHAAES256-SHATLS ECDHE RSA WITH AES 128 GCM SHA256ECDHE-RSA-AES128-GCM-SHA256TLS ECDHE RSA WITH AES 128 CBC SH ECDHE-RSA-AES128-SHA256A256TLS ECDHE ECDSA WITH AES 128 CBC ECDHE-ECDSA-AES128-SHA256SHA256TLS DHE RSA WITH AES 128 GCM SHA2 DHE-RSA-AES128-GCM-SHA25656TLS DHE RSA WITH AES 128 CBC SHA256TLS DHE RSA WITH AES 128 CBC SHADHE-RSA-AES128-SHATLS RSA WITH AES 128 GCM SHA256AES128-GCM-SHA256TLS RSA WITH AES 128 CBC SHA256AES128-SHA256TLS RSA WITH AES 128 CBC SHAAES128-SHA2
AnyConnect Secure Mobility Client Features, Licenses, and OSs, Release 4.10TLS 1.2 and DTLS 1.2 Cipher Suites (VPN)TLS 1.2 Cipher Suites (Network Access Manager)Table 2TLS 1.2 Cipher Suites (Network Access Manager)Standard RFC naming conventionOpenSSL naming conventionTLS ECDHE RSA WITH AES 256 CBC SH ECDHE-RSA-AES256-SHAATLS ECDHE ECDSA WITH AES 256 CBC ECDHE-ECDSA-AES256-SHASHATLS DHE DSS WITH AES 256 GCM SHA3 DHE-DSS-AES256-GCM-SHA38484TLS DHE DSS WITH AES 256 CBC SHA256DHE-DSS-AES256-SHA256TLS DHE RSA WITH AES 256 CBC SHADHE-RSA-AES256-SHATLS DHE DSS WITH AES 256 CBC SHADHE-DSS-AES256-SHATLS ECDHE RSA WITH AES 128 CBC SH ECDHE-RSA-AES128-SHAATLS ECDHE ECDSA WITH AES 128 CBC ECDHE-ECDSA-AES128-SHASHATLS DHE DSS WITH AES 128 GCM SHA2 DHE-DSS-AES128-GCM-SHA25656TLS DHE DSS WITH AES 128 CBC SHA256DHE-DSS-AES128-SHA256TLS DHE DSS WITH AES 128 CBC SHADHE-DSS-AES128-SHATLS ECDHE RSA WITH 3DES EDE CBC S ECDHE-RSA-DES-CBC3-SHAHATLS ECDHE ECDSA WITH 3DES EDE CBC SHAECDHE-ECDSA-DES-CBC3-SHASSL DHE RSA WITH 3DES EDE CBC SHAEDH-RSA-DES-CBC3-SHASSL DHE DSS WITH 3DES EDE CBC SHA EDH-DSS-DES-CBC3-SHATLS RSA WITH 3DES EDE CBC SHADES-CBC3-SHADTLS 1.0 Cipher Suites (VPN)Table 3DTLS 1.0 Cipher Suites (VPN)Standard RFC naming conventioOpenSSL naming conventionTLS DHE RSA WITH AES 256 GCM SHA3 DHE-RSA-AES256-GCM-SHA38484TLS DHE RSA WITH AES 256 CBC SHA2563DHE-RSA-AES256-SHA256
AnyConnect Secure Mobility Client Features, Licenses, and OSs, Release 4.10TLS 1.2 and DTLS 1.2 Cipher Suites (VPN)Table 3DTLS 1.0 Cipher Suites (VPN) (continued)Standard RFC naming conventioOpenSSL naming conventionTLS DHE RSA WITH AES 128 GCM SHA2 DHE-RSA-AES128-GCM-SHA25656TLS DHE RSA WITH AES 128 CBC SHA256DHE-RSA-AES128-SHA256TLS DHE RSA WITH AES 128 CBC SHADHE-RSA-AES128-SHATLS RSA WITH AES 256 CBC SHAAES256-SHATLS RSA WITH AES 128 CBC SHAAES128-SHAIKEv2/IPsec AlgorithmsEncryptionENCR AES GCM 256ENCR AES GCM 192ENCR AES GCM 128ENCR AES CBC 256ENCR AES CBC 192ENCR AES CBC 128Pseudo Random FunctionPRF HMAC SHA2 256PRF HMAC SHA2 384PRF HMAC SHA2 512PRF HMAC SHA1Diffie-Hellman GroupsDH GROUP 256 ECP - Group 19DH GROUP 384 ECP - Group 20DH GROUP 521 ECP - Group 21DH GROUP 3072 MODP - Group 15DH GROUP 4096 MODP - Group 16IntegrityAUTH HMAC SHA2 256 128AUTH HMAC SHA2 384 192AUTH HMAC SHA1 96AUTH HMAC SHA2 512 2564
AnyConnect Secure Mobility Client Features, Licenses, and OSs, Release 4.10License OptionsLicense OptionsUse of the AnyConnect Secure Mobility Client 4.10 requires that you purchase either an AnyConnect Plus orAnyConnect Apex license. The license(s) required depends on the AnyConnect VPN Client and Secure Mobilityfeatures that you plan to use, and the number of sessions that you want to support. These user-based licensesinclude access to support and software updates to align with general BYOD trends.AnyConnect 4.10 licenses are used with Cisco ASA 5500 Series Adaptive Security Appliances (ASA), IntegratedServices Routers (ISR), Cloud Services Routers (CSR), and Aggregated Services Routers (ASR), as well as othernon-VPN headends such as Identity Services Engine (ISE). A consistent model is used regardless of the headend,so there is no impact when headend migrations occur.One or more of the following AnyConnect licenses may be required for your deployment:LicenseDescriptionAnyConnect PlusSupports basic AnyConnect features such as VPN functionalityfor PC and mobile platforms (AnyConnect and standards-basedIPsec IKEv2 software clients), FIPS, basic endpoint contextcollection, and 802.1x Windows supplicant. Plus licenses aremost applicable to environments previously served by theAnyConnect Essentials license and users of the Network AccessManager module.AnyConnect ApexSupports all basic AnyConnect Plus features in addition toadvanced features such as clientless VPN, VPN posture agent,unified posture agent, Next Generation Encryption/Suite B,SAML, all plus services and flex licenses. Apex licenses are mostapplicable to environments previously served by the AnyConnectPremium, Shared, Flex, and Advanced Endpoint Assessmentlicenses.VPN Only (Perpetual)Supports VPN functionality for PC and mobile platforms,clientless (browser-based) VPN termination on ASA, VPN-onlycompliance and posture agent in conjunction with ASA, FIPScompliance, and next-generation encryption (Suite B) withAnyConnect and third-party IKEv2 VPN clients. VPN onlylicenses are most applicable to environments wanting to useAnyConnect exclusively for remote access VPN services but withhigh or unpredictable total user counts. No other AnyConnectfunction or service (such as Cisco Umbrella Roaming, ISEPosture, Network Visibility module, or Network Access Manager)is available with this licensee.AnyConnect Plus and Apex LicensesFrom the Cisco Commerce Workspace website, choose the service tier (Apex or Plus) and the length of term (1,3, or 5 year). The number of licenses that are needed is based on the number of unique or authorized users thatwill make use of AnyConnect. AnyConnect 4.10 is not licensed based on simultaneous connections. You can mixApex and Plus licenses in the same environment, and only one license is required for each user.AnyConnect 4.10 licensed customers are also entitled to earlier AnyConnect releases.5
AnyConnect Secure Mobility Client Features, Licenses, and OSs, Release 4.10Features MatrixFeatures MatrixAnyConnect 4.10 modules and features, with their minimum release requirements, license requirements, andsupported operating systems are listed in the following sections: AnyConnect Deployment and Configuration * Ability to minimize AnyConnect on VPN connect, or block connections to untrusted servers— Core Features— Connect and Disconnect Features— Authentication and Encryption Features— Interfaces AnyConnect Network Access Manager * If you are using ISE as a RADIUS server, note the following guideline:— HostScan and Posture Assessment— ISE Posture Customer Experience Feedback— Customer Experience Feedback— Diagnostic and Report Tool (DART) AMP Enabler Network Visibility Module Umbrella Roaming Security ModuleAnyConnect Deployment and equiredWindowsmacOSLinuxDeferred UpgradesASA yesPlusyesnonoPlusyesyesyesASDM 7.0Windows ServicesLockdownASA 8.0(4)Update Policy,Software and ProfileLockASA 8.0(4)Auto UpdateASA 8.0(4)ASDM 6.4(1)ASDM 6.4(1)ASDM 6.3(1)Web LaunchASA 8.0(4)(32 bit browsers only)ASDM 6.3(1)Pre-deploymentASA 8.0(4)ASDM 6.3(1)6
AnyConnect Secure Mobility Client Features, Licenses, and OSs, Release 4.10Features WindowsmacOSLinuxAuto Update ClientProfilesASA 8.0(4)PlusyesyesyesAnyConnect ProfileEditorASA 8.4(1)PlusyesyesyesUser ControllableFeaturesASA 8.0(4)Plusyesyesyes*ASDM 6.4(1)ASDM 6.4(1)ASDM 6.3(1)* Ability to minimize AnyConnect on VPN connect, or block connections to untrusted servers7
AnyConnect Secure Mobility Client Features, Licenses, and OSs, Release 4.10Features MatrixAnyConnect Core VPN ClientCore edWindowsmacOSLinuxSSL (TLS & DTLS),including Per App VPNASA 8.0(4)PlusyesyesyesSNI (TLS & DTLS)n/aPlusyesyesyesTLS CompressionASA esyesyesASDM 6.3(1)ASDM 6.3(1)DTLS fallback to TLSASA 8.4.2.8ASDM 6.3(1)IPsec/IKEv2ASA 8.4(1)ASDM 6.4(1)Split tunnelingASA 8.0(x)ASDM 6.3(1)Dynamic SplitTunnelingASA 9.0Plus, Apex, orVPN-onlyyesyesnoEnhanced DynamicSplit TunnelingASA 9.0Plus, Apex, orVPN-onlyyesyesnoSplit DNSASA yesASDM 6.3(1)Ignore Browser ProxyASA 8.3(1)ASDM 6.3(1)Proxy Auto Config(PAC) file generationASA 8.0(4)Internet ExplorerConnections tablockdownASA 8.0(4)Optimal GatewaySelectionASA 8.0(4)Global Site Selector(GSS) compatibilityASA 8.0(4)Local LAN AccessASA 8.0(4)ASDM 6.3(1)ASDM 6.3(1)ASDM 6.3(1)ASDM 6.4(1)ASDM 6.3(1)Tethered deviceaccess via clientfirewall rules, forsynchronizationASA 8.3(1)ASDM 6.3(1)8
AnyConnect Secure Mobility Client Features, Licenses, and OSs, Release 4.10Features WindowsmacOSLinuxLocal printer access viaclient firewall rulesASA 8.3(1)PlusyesyesyesIPv6ASA 9.0PlusyesyesnoPlusyesyesyesASDM 6.3(1)ASDM 7.0Further IPv6implementationASA 9.7.1Certificate PinningnodependencyPlus, Apex, orVPN-onlyyesyesyesManagement VPNtunnelASA 9.0ApexyesnonoASDM 7.7.1ASDM 7.10.19
AnyConnect Secure Mobility Client Features, Licenses, and OSs, Release 4.10Features MatrixConnect and Disconnect edWindowsmacOSLinuxSimultaneousClientless &AnyConnectconnectionsASA8.0(4)ApexyesyesyesStart Before Logon(SBL)ASA 8.0(4)PlusyesnonoRun script on connect& disconnectASA 8.0(4)PlusyesyesyesMinimize on connectASA noPlusyesyesnoPlusyesyesnoASDM 6.3(1)ASDM 6.3(1)ASDM 6.3(1)ASDM 6.3(1)Auto connect on startASA 8.0(4)ASDM 6.3(1)Auto reconnect(disconnect on systemsuspend, reconnect onsystem resume)ASA 8.0(4)Remote User VPNEstablishment(permitted or denied)ASA 8.0(4)Logon Enforcement(terminate VPN sessionif another user logs in)ASA 8.0(4)Retain VPN session(when user logs off,and then when this oranother user logs in)ASA 8.0(4)Trusted NetworkDetection (TND)ASA 8.0(4)Always on (VPN mustbe connected toaccess network)ASA 8.0(4)Always on exemptionvia DAPASA 8.3(1)Connect Failure Policy(Internet accessallowed or disallowed ifVPN connection fails)ASA 8.0(4)ASDM 6.3(1)ASDM 6.3(1)ASDM 6.3(1)ASDM 6.3(1)ASDM 6.3(1)ASDM 6.3(1)ASDM 6.3(1)ASDM 6.3(1)10
AnyConnect Secure Mobility Client Features, Licenses, and OSs, Release 4.10Features WindowsmacOSLinuxCaptive PortalDetectionASA 8.0(4)PlusyesyesyesCaptive PortalRemediationASA 8.0(4)PlusyesyesnoEnhanced CaptivePortal RemediationnodependencyPlusyesyesnoASDM 6.3(1)ASDM 6.3(1)Authentication and Encryption edWindowsmacOSLinuxCertificate onlyauthenticationASA 8.0(4)PlusyesyesyesRSA SecurID /SoftIDintegrationPlusyesnonoSmartcard supportPlusyesyesnoSCEP (requires PostureModule if Machine ID isused)PlusyesyesnoList & select yesPlusyesyesyesApexyesyesyesSHA-2 for IPsec IKEv2(Digital Signatures,Integrity, & PRF)ASDM 6.3(1)ASA 8.0(4)ASDM 6.4(1)Strong Encryption(AES-256 & 3des-168)NSA Suite-B (IPseconly)ASA 9.0Enable CRL checkn/aApexyesnonoSAML 2.0 SSOASA 9.7.1Apex or VPNonlyyesyesyesASDM 7.0ASDM 7.7.1Enhanced SAML 2.0ASA 9.7.1.24ASA 9.8.2.28ASA 9.9.2.1Apex or ASA 9.7.1Plus, Apex, orVPN onlyyesyesyesASDM 7.7.111
AnyConnect Secure Mobility Client Features, Licenses, and OSs, Release 4.10Features seRequiredWindowsmacOSLinuxGUIASA 8.0(4)PlusyesyesyesCommand LineASDM 6.3(1)yesyesyesAPIyesyesyesMicrosoft ComponentObject Module (COM)yesnonoLocalization of UserMessagesyesyesnoCustom MSI transformsyesnonoUser defined resourcefilesyesyesnoyesyesnoClient HelpASA 9.0ASDM 7.012
AnyConnect Secure Mobility Client Features, Licenses, and OSs, Release 4.10Features MatrixAnyConnect Network Access dWindowsmacOSLinuxCoreASA 8.4(1)PlusyesnonononoASDM 6.4(1)Wired support IEEE802.3yesWireless support IEEE802.11yesPre-logon & SingleSign onAuthenticationyesIEEE 802.1XyesIEEE 802.1AEMACsecyesEAP methodsyesFIPS 140-2 Level 1yesMobile BroadbandsupportASA 8.4(1)yesIPv6ASA 9.0yesNGE and NSA Suite-BASDM 7.0yesTLS 1.2 for VPNconnectivity*n/ayesASDM 7.0* If you are using ISE as a RADIUS server, note the following guideline:ISE started support for TLS 1.2 in release 2.0. Network Access Manager and ISE will negotiate to TLS 1.0 if youhave the AnyConnect 4.7 (and later) version with TLS 1.2 and an ISE release prior to 2.0. Therefore, if you upgradeAnyConnect Network Access Manager to 4.7 (and later) and use EAP-FAST with ISE 2.0 (or later) for RADIUSservers, you must upgrade to the 2.4p5 release of ISE.13
AnyConnect Secure Mobility Client Features, Licenses, and OSs, Release 4.10Features MatrixAnyConnect Secure Mobility ModulesHostScan and Posture iredWindowsmacOSLinuxEndpoint AssessmentASA 8.0(4)ApexyesyesyesEndpoint RemediationASDM ne status &terminate messageASA 8.3(1)HostScan PackageUpdateASA 8.4(1)ASDM 6.3(1)ASDM 6.4(1)Host EmulationDetectionOPSWAT v4ASA 9.9(1)ASDM 7.9(1)ISE SDMReleaseMinimum ISEReleaseLicenseRequiredWindowsmacOSLinuxChange ofAuthorization (CoA)4.0ASA 9.2.12.0PlusyesyesyesISE Posture ProfileEditor4.0n/aApexyesyesyesAC Identity Extensions(ACIDex)4.0n/a2.0PlusyesyesyesISE Posture Module4.0n/a2.0ApexyesyesyesDetection of USBmass storage devices(v4 only)4.3n/a2.1ApexyesnonoOPSWAT v44.3n/a2.1ApexyesyesnoStealth Agent forposture4.4n/a2.2ApexyesyesnoContinuous tionprovisioning anddiscovery4.4n/a2.2ApexyesyesnoApplication kill anduninstall capabilities4.4n/a2.2ApexyesyesnoCisco Temporal Agent4.5n/a2.3ISE ApexyesyesnoASDM 7.2.1ASA 9.2.1ASDM 7.2.114
AnyConnect Secure Mobility Client Features, Licenses, and OSs, Release 4.10Features DMReleaseMinimum ISEReleaseLicenseRequiredWindowsmacOSLinuxEnhanced SCCMapproach4.5n/a2.3AC Apexand ISEApexyesnonoPosture policyenhancements foroptional mode4.5n/a2.3AC Apexand ISEApexyesyesnoPeriodic probe intervalin profile editor4.5n/a2.3AC Apexand ISEApexyesyesnoVisibility into hardwareinventory4.5n/a2.3AC Apexand ISEApexyesyesnoGrace period fornoncompliant devices4.6n/a2.4AC Apexand ISEApexyesyesnoPosture rescan4.6n/a2.4AC Apexand ISEApexyesyesnoAnyConnect stealthmode notifications4.6n/a2.4AC Apexand ISEApexyesyesnoDisabling UAC prompt4.6n/a2.4AC Apexand ISEApexyesnonoEnhanced graceperiod4.7n/a2.6AC Apexand ISEApexyesyesnoCustom notificationcontrols and revampof remediationwindows4.7n/a2.6AC Apexand ISEApexyesyesnoEnd-to-end agentlessposture flow4.9n/a3.0AC Apexand ISEApexyesyesnoWarning!Incompatibility warning: If you are an ISE customer running 2.0 or higher you must read this before proceeding!The ISE RADIUS has supported TLS 1.2 since release 2.0, however there is a defect in the ISE implementation ofEAP-FAST using TLS 1.2 tracked by CSCvm03681. The defect has been fixed in the 2.4p5 release of ISE.If NAM 4.7 (or later) is used to authenticate using EAP-FAST with any ISE releases that support TLS 1.2 prior tothe above releases, the authentication will fail and the endpoint will not have access to the network.15
AnyConnect Secure Mobility Client Features, Licenses, and OSs, Release 4.10Features MatrixAMP EnablerFeatureMinimumASA/ASDMReleaseMinimum ISEReleaseLicenseRequiredWindowsmacOSLinuxAMP enablerASDM 7.4.2ISE 1.4PlusYesYesNoASA 9.4.1Network Visibility ModuleFeatureMinimumASA/ASDMReleaseMinimum ISEReleaseLicenseRequiredWindowsmacOSLinuxNetwork VisibilityModuleASDM 7.5.1no ISEdependencyApexYesYesYesAdjustment to theASDM 7.5.1rate at which data isASA 9.5.1sentno ISEdependencyApexYesYesYesCustomization ofNVM timerno ISEdependencyApexYesYesYesBroadcast andASDM 7.5.1multicast option forASA 9.5.1data collectionno ISEdependencyApexYesYesYesCreation ofanonymizationprofilesASDM 7.5.1no ISEdependencyApexYesYesYesBroader datacollection andanonymization withhashingASDM 7.7.1no ISEdependencyApexYesYesYesSupport for Java as ASDM 7.7.1a containerASA 9.7.1no ISEdependencyApexYesYesYesConfiguration ofASDM 7.7.1cache to customizeASA 9.7.1no ISEdependencyApexYesYesYesPeriodic flowreportingASDM 7.7.1no ISEdependencyApexYesYesYesFlow filtern/ano ISEdependencyApexYesYesYesStandalone NVMn/an/aApexYesYesYesASA 9.5.1ASDM 7.5.1ASA 9.5.1ASA 9.5.1ASA 9.7.1ASA 9.7.116
AnyConnect Secure Mobility Client Features, Licenses, and OSs, Release 4.10Features MatrixUmbrella Roaming Security ModuleFeatureMinimumASA/ASDMReleaseMinimum ISEReleaseLicenseRequiredWindowsmacOSLinuxUmbrella RoamingSecurity ModuleASDM 7.6.2ISE 2.0Either Plus orApexYesYesNoASA 9.4.1Umbrellalicensing ismandatoryUmbrella SecureWeb Gatewayn/an/aSIG Essentialpackage fromUmbrellaYesYesNoOpenDNS IPv6supportn/an/an/aYesYesNoFor information on Umbrella licensing, eat-enforcement/packages/.Reporting and Troubleshooting ModulesCustomer Experience edWindowsmacOSLinuxCustomer ExperienceFeedbackASA 8.4(1)PlusyesyesnoASDM 7.0Diagnostic and Report Tool (DART)Log cOSLinuxVPNASA 8.0(4)PlusyesyesyesyesnonoyesyesyesASDM 6.3(1)Network AccessManagerPosture AssessmentASA 8.4(1)ASDM 6.4(1)Apex17
AnyConnect Secure Mobility Client Features, Licenses, and OSs, Release 4.10Features MatrixCisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. Toview a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the propertyof their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any othercompany. (1110R)Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phonenumbers. Any examples, command display output, network topology diagrams, and other figures included in the document areshown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentional andcoincidental. 2021 Cisco Systems, Inc. All rights reserved.18
Cisco Systems, Inc. www.cisco.com 1 AnyConnect Secure Mobility Client Features, Licenses, and OSs, Release 4.10 . ASDM 6.3(1) Plus yes no no Pre-deployment ASA 8.0(4) ASDM 6.3(1) Plus yes yes yes. AnyConnect Secure Mobility Client Features, Licenses, and OSs, Release 4.10 Features Matrix 7
