Cisco Systems CL-28826-01 Add/Edit DAP Entry Dialog Box

31-26

User Guide for Cisco Security Manager 4.4

OL-28826-01

Chapter 31 Managing Dynamic Access Policies for Remote Access VPNs (ASA 8.0+ Devices)

Dynamic Access Page (ASA)

•Configuring Dynamic Access Policies, page 31-2

Field Reference

Add/Edit DAP Entry Dialog Box > AnyConnect Identity

To configure AnyConnect Identity attributes as selection criteria for dynamic access policies, set

AnyConnect Identity as the selection criterion in the Add/Edit DAP Entry dialog box. The ASA

generates DAP endpoint attributes based on the AnyConnect Identification attributes received from the

AnyConnect mobile client. You are not required to enable Cisco Secure Desktop to configure these

specific attributes using Security Manager.

For the purposes of assigning a dynamic access policy, if you configure more than one AnyConnect

Identity attribute for a particular DAP entry, the entry will be considered a match if any of the attributes

values are true. There is no limit for the number of AnyConnect Identity attributes for each dynamic

access policy.

Table31-10 Add/Edit DAP Entry Dialog Box > Anti-Virus

Element Description

Criterion Shows Anti-Virus as the selection criterion.

Type Select one of the following options and assign the associated values:

•Not Installed—Select if the absence of the named anti-virus from

the remote PC is sufficient to match the prelogin policy you are

configuring.

•Installed and enabled—Select if the named anti-virus must be

present and enabled on the remote PC to match the prelogin policy

you are configuring.

•Installed and disabled—Select if the mere presence of the named

anti-virus on the remote PC is sufficient to match the prelogin

policy you are configuring.

Vendor Name Select the text that describes the application vendor from the list.

Product ID Select a unique identifier for the product that is supported by the

selected vendor from the list.

Product Description Available only if you selected the criteria to match the endpoint

attribute for the dynamic access policy.

Select the check box, then select the description of the product from the

list.

Version Available only if you selected the criteria to match the endpoint

attribute for the dynamic access policy.

Identify the version of the application, and specify whether you want

the endpoint attribute to be equal to/not equal to that version.

Last Update Available only if you selected the criteria to match the endpoint

attribute for the dynamic access policy.

Specify the number of days since the last update. You might want to

indicate that an update should occur in less than or greater than the

number of days you enter here.