Cisco Cisco AnyConnect Secure Mobility Client v3.x 發佈版本通知
Release Notes for Cisco AnyConnect Secure Mobility Client, Release 3.1
Guidelines and Limitations
24
Avoid Wireless-Hosted-Network
Using the Windows 7 or later
feature can make AnyConnect unstable. When using
AnyConnect, we do not recommend enabling this feature or running front-end applications that enable it (such as
Connectify or Virtual Router).
Connectify or Virtual Router).
AnyConnect Requires That the ASA Be Configured to Accept TLSv1
Traffic
Traffic
AnyConnect requires the ASA to accept TLSv1 traffic, but not SSLv3 traffic. The SSLv3 key derivation algorithm
uses MD5 and SHA-1 in a way that can weaken the key derivation. TLSv1, the successor to SSLv3, resolves this
and other security issues present in SSLv3.
uses MD5 and SHA-1 in a way that can weaken the key derivation. TLSv1, the successor to SSLv3, resolves this
and other security issues present in SSLv3.
Thus, the AnyConnect client cannot establish a connection with the following ASA settings for “ssl
server-version”:
server-version”:
ssl server-version sslv3
ssl server-version sslv3-only
Trend Micro Conflicts with Install
If you have Trend Micro on your device, the Network Access Manager will not install because of a driver conflict.
You can uninstall the Trend Micro or uncheck trend micro common firewall driver to bypass the issue. Trend
Micro also conflicts with Web Security.
You can uninstall the Trend Micro or uncheck trend micro common firewall driver to bypass the issue. Trend
Micro also conflicts with Web Security.
What Host Scan Reports
None of the supported antivirus, antispyware, and firewall products report the last scan time information. Host
scan reports the following:
scan reports the following:
For antivirus and antispyware
—
Product description
—
Product version
—
File system protection status (active scan)
—
Data file time (last update and timestamp)
For firewall
—
Product description
—
Product version
—
Is firewall enabled
ActiveX Controls May Fail During Web-Deployment and Upgrade
Installation of an ActiveX control requires administrative privileges.
AnyConnect web-deployment must install an ActiveX control. If the user can't install that control, then
web-deployment fails.
web-deployment fails.
The AnyConnect ActiveX control will change periodically, due to a security fix or the addition of new functionality.
Upgrading the ActiveX control will fail during Weblaunch for users with Standard privileges.
Upgrading the ActiveX control will fail during Weblaunch for users with Standard privileges.