Problemas ocorrendo com o Windows 10 (build 1511) e o Cisco AnyConnect , que causam BSoD durante a reconexão com a VPN.
Segundo esse artigo da Microsoft esse erro pode ocorrer devido a conflito entre o Cisco AnyConnect e o Credential Guard: https://docs.microsoft.com/pt-br/windows/access-protection/credential-guard/credential-guard-known-issues
Neste artigo a Cisco indica que o problema não ocorre com o Windows 10 em versões mais novas: https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvc66692/?referring_site=bugquickviewclick
No meu caso atualizar a build do Windows 10 não era uma opção então contornei o problema desabitando o Credential Guard. Para isso executei o “Passo 1” desse procedimento da VMWare: https://kb.vmware.com/s/article/2146361.
Não cheguei a executar os demais passos do procedimento, mas avalie se isso é necessário em seu ambiente.
Reproduzo abaixo os passos descritos no procedimento da VMWare:
To disable Device Guard or Credential Guard: 1. Disable the group policy setting that was used to enable Credential Guard. a. On the host operating system, click Start > Run, type gpedit.msc, and click Ok. The Local group Policy Editor opens. b. Go to Local Computer Policy > Computer Configuration > Administrative Templates > System > Device Guard > Turn on Virtualization Based Security. c. Select Disabled. 2. Go to Control Panel > Uninstall a Program > Turn Windows features on or off to turn off Hyper-V. 3. Select Do not restart. 4. Delete the related EFI variables by launching a command prompt on the host machine using an Administrator account and run these commands: mountvol X: /s copy %WINDIR%\System32\SecConfig.efi X:\EFI\Microsoft\Boot\SecConfig.efi /Y bcdedit /create {0cb3b571-2f2e-4343-a879-d86a476d7215} /d "DebugTool" /application osloader bcdedit /set {0cb3b571-2f2e-4343-a879-d86a476d7215} path "\EFI\Microsoft\Boot\SecConfig.efi" bcdedit /set {bootmgr} bootsequence {0cb3b571-2f2e-4343-a879-d86a476d7215} bcdedit /set {0cb3b571-2f2e-4343-a879-d86a476d7215} loadoptions DISABLE-LSA-ISO,DISABLE-VBS bcdedit /set {0cb3b571-2f2e-4343-a879-d86a476d7215} device partition= mountvol X: /d Note: Ensure X is an unused drive, else change to another drive. 5. Restart the host. 6. Accept the prompt on the boot screen to disable Device Guard or Credential Guard.