PDF(555.3 KB) View with Adobe Reader on a variety of devices
Updated:June 10, 2016
Bias-Free Language
The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
See the Feature Matrix below for license information and operating system limitations that apply to AnyConnect modules and features.
AnyConnect 4.3 has moved to the Visual Studio (VS) 2015 build environment and requires VS redistributable files for its Network Access Manager module functionality. These files are installed as part of the install package. You can use the.msi files to upgrade the Network Access Manager module to 4.3, but the AnyConnect Security Mobility Client must be upgraded first and running release 4.3.
Also, with the addition of the AnyConnect Umbrella Roaming Security Module, Microsoft.NET 4.0 is required.
License Options
Use of the AnyConnect Secure Mobility Client 4.3 requires that you purchase either an AnyConnect Plus or AnyConnect Apex license. The license(s) required depends on the AnyConnect VPN Client and Secure Mobility features that you plan to use, and the number of sessions that you want to support. These user-based licenses include access to support and software updates to align with general BYOD trends.
AnyConnect 4.3 licenses are used with Cisco ASA 5500 Series Adaptive Security Appliances (ASA), Integrated Services Routers (ISR), Cloud Services Routers (CSR), and Aggregated Services Routers (ASR), as well as other non-VPN headends such as Identity Services Engine (ISE), Cloud Web Security (CWS), and Web Security Appliance (WSA). A consistent model is used regardless of the headend, so there is no impact when headend migrations occur.
One or more of the following AnyConnect licenses may be required for your deployment:
License
Description
AnyConnect Plus
Supports basic AnyConnect features such as VPN functionality for PC and mobile platforms (AnyConnect and standards-based IPsec IKEv2 software clients), FIPS, basic endpoint context collection, 802.1x Windows supplicant, and web security SSL VPN. Plus licenses are most applicable to environments previously served by the AnyConnect Essentials license and users of Network Access Manager or Web Security modules.
AnyConnect Apex
Supports all basic AnyConnect Plus features in addition to advanced features such as clientless VPN, VPN posture agent, unified posture agent, Next Generation Encryption/Suite B, all plus services and flex licenses. Apex licenses are most applicable to environments previously served by the AnyConnect Premium, Shared, Flex, and Advanced Endpoint Assessment licenses.
AnyConnect Plus and Apex Licenses
From the Cisco Commerce Workspace website, choose the service tier (Apex or Plus) and the length of term (1, 3, or 5 year). The number of licenses that are needed is based on the number of unique or authorized users that will make use of AnyConnect. AnyConnect 4.3 is not licensed based on simultaneous connections. You can mix Apex and Plus licenses in the same environment, and only one license is required for each user.
AnyConnect 4.3 licensed customers are also entitled to earlier AnyConnect releases.
Features Matrix
AnyConnect 4.3 modules and features, with their minimum release requirements, license requirements, and supported operating systems are listed in the following sections:
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R)
Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.
Connect and Disconnect Features
Feedback