31-29
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter31 Managing Dynamic Access Policies for Remote Access VPNs (ASA 8.0+ Devices)
Dynamic Access Page (ASA)
Field Reference
Add/Edit DAP Entry Dialog Box > File
The file criterion prelogin check lets you specify that a certain file must or must not exist to be eligible
for the associated prelogin policy. For example, you might want to use a file prelogin check to ensure a
corporate file is present or one or more peer-to-peer file-sharing programs containing malware are not
present before assigning a prelogin policy.
Note Duplicate entries are not allowed. If you configure a dynamic access policy with no AAA or endpoint
attributes, the security appliance always selects it since all selection criteria are satisfied.
Navigation Path
Open the Add/Edit Dynamic Access Policy Dialog Box, page 31-12 with the Main tab selected, then
click Create, or select a dynamic access policy in the table and click Edit. The Add/Edit DAP Entry
dialog box is displayed. Select File as the Criterion.
Related Topics
Understanding DAP Attributes, page 31-3
Configuring DAP Attributes, page31-7
Configuring Dynamic Access Policies, page 31-2
Field Reference
Table31-13 Add/Edit DAP Entry Dialog Box > Device
Element Description
Criterion Shows Device as the selected Criterion.
Host Name Select this option, choose a match criterion (is or isn’t) from the related
drop-down list, and then enter the device host name to be matched.
MAC Address Select this option, choose a match criterion (is or isn’t) from the related
drop-down list, and then enter the device’s MAC address to be matched.
Port Number Select this option, choose a match criterion (is or isn’t), and then enter
or Select the device port to be matched.
Privacy Protection Select this option, choose a match criterion (is or isn’t), and then choose
the Privacy Protection option defined on the device: none, cache
cleaner, or secure desktop.
Table31-14 Add/Edit DAP Entry Dialog Box > File
Element Description
Criterion Shows File as the selection criterion.
Type Specify whether this endpoint attribute must match or not match the
criteria configured for selecting and applying dynamic access policies
during session establishment.