Cisco Systems CL-28826-01 Security Camera User Manual


  Open as PDF
of 2616
 
31-33
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 31 Managing Dynamic Access Policies for Remote Access VPNs (ASA 8.0+ Devices)
Dynamic Access Page (ASA)
Add/Edit DAP Entry Dialog Box > Policy
Windows locations let you determine how clients connect to your virtual private network, and protect it
accordingly. For example, clients connecting from within a workplace LAN on a 10.x.x.x network
behind a NAT device are an unlikely risk for exposing confidential information. For these clients, you
might set up a Cisco Secure Desktop Windows Location named Work that is specified by IP addresses
on the 10.x.x.x network, and disable both the Cache Cleaner and the Secure Desktop function for this
location. Cisco Secure Desktop checks locations in the order listed on the Windows Location Settings
window, and grants privileges to client PCs based on the first location definition they match.
Note Duplicate entries are not allowed. If you configure a dynamic access policy with no AAA or endpoint
attributes, the security appliance always selects it since all selection criteria are satisfied.
Navigation Path
Open the Add/Edit Dynamic Access Policy Dialog Box, page 31-12 with the Main tab selected, then
click Create, or select a dynamic access policy in the table and click Edit. The Add/Edit DAP Entry
dialog box is displayed. Select Policy as the Criterion.
Related Topics
Understanding DAP Attributes, page 31-3
Configuring DAP Attributes, page 31-7
Configuring Dynamic Access Policies, page 31-2
Field Reference
Product ID Select a unique identifier for the product that is supported by the
selected vendor from the list.
Product Description Available only if you selected that this endpoint attribute and all its
settings must be available on the remote PC.
Select the check box, then select the description of the product from the
list.
Version Available only if you selected that this endpoint attribute and all its
settings must be available on the remote PC.
Identify the version of the application, and specify whether you want
the endpoint attribute to be equal to/not equal to that version.
Table 31-17 Add/Edit DAP Entry Dialog Box > Personal Firewall (Continued)
Element Description
Table 31-18 Add/Edit DAP Entry Dialog Box > Policy
Element Description
Criterion Shows Policy as the selection criterion.
Location Select the matching criteria (for example, is) from the drop-down list,
and select the Cisco Secure Desktop Microsoft Windows location
profile from the list. All the locations configured in the Cisco Secure
Desktop Manager are displayed in this list.