Question : Cisco SSL VPN vulnerabilities -how to secure

We run a cisco ssl vpn at work. Upon successful authentication, the anyconnect client installs on the clients machine. I am kind of nervous because all it takes is a user to install it on their home machine (which could be infected) and we could get hosed.

Is there a better way to secure this? Is it possible to configure the SSL vpn so that anyconnect only installs on corporate pcs?  

Is there a way to use client certs to improve security?

Answer : Cisco SSL VPN vulnerabilities -how to secure

Along with Cisco AnyConnect SSL client, you can enable Cisco Secure Desktop to interrogate the end user's PC. You can scan for keyloggers out of the box. You can scan for any number of things like 'are you one of our corporate pc's? do you have a firewall? Is is one of these x_number of options? Do you have anti-virus? Is it one of these x_number of authorized applications? Has it been updated within the past x_number of hours? There is virtually no limit on the depth of interrogations you can include beyond simply the username/password.
You can upgrade to Secure Desktop Plus license and get even more options. You can really get crazy stupid on it, or simple "clean access" antivirus up to date and no keyloggers.

Random Solutions  
programming4us programming4us