Cisco AnyConnect 4.x was designed as a "unified security endpoint". Unlike traditional VPNs that only provide a tunnel, v4.x introduced a modular architecture that allowed IT administrators to deploy only the specific security services required for their environment.
While Cisco AnyConnect v4.x has been a robust solution, it is not without its historical challenges. Being a widely deployed enterprise tool, it has been a target for researchers and attackers. Over the years, vulnerabilities have been discovered, including privilege escalation issues that could allow a local attacker to gain system-level access. Cisco has generally been responsive in patching these vulnerabilities, but the maintenance burden highlights the risks of running outdated versions of the client.
Blocks non-VPN traffic unless the client is on a trusted network.