33-23
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter33 Configuring Policy Objects for Remote Access VPNs
Add or Edit Secure Desktop Configuration Dialog Box
Add or Edit Secure Desktop Configuration Dialog Box
Use the Add or Edit Cisco Secure Desktop Configuration dialog box to create, copy, and edit Cisco
Secure Desktop Configuration objects for IOS routers. You can configure the settings required for
Windows clients who are connecting from different location types, enable or restrict web browsing and
file access for Windows CE clients, and configure the cache cleaner for Macintosh and Linux clients.
Cisco Secure Desktop (CSD) secures network endpoints by providing a reliable means of eliminating all
traces of sensitive data by providing a single, secure location for session activity and removal on the
client system.
This policy object uses the Secure Desktop Manager application to configure the settings. For an
example of configuring settings, see Cisco Secure Desktop on IOS Configuration Example Using SDM
at
http://www.cisco.com/en/US/products/ps6496/products_configuration_example09186a008072aa7b.sht
Address Pools Specifies the name of one or more IPv4 address pools to use for this
group policy. Enter the names of the IPv4 address pool objects
separated by a comma or click Select to select the objects from a list or
to create a new objects.
Access hours The name of a time range policy object that specifies the times that
users are allowed to access the VPN. If you do not specify a time range,
users can access the VPN at all times. Specify a time range if you want
to limit access to the network to certain hours, such as the typical work
days and work hours for your organization.
Enter the name of the object or click Select to select it from a list or to
create a new object. For more information, see Configuring Time Range
Objects, page 6-66.
Max Simultaneous Logins The number of simultaneous logins a single user is allowed. Values are
0-2147483647. The default is 3. Specify 0 to disable logins and prevent
user access.
Max Connection Time The maximum amount of time a user is allowed to be connected to the
VPN. Select one of the following:
Specified Connection time—Use the maximum time value that you
enter. Values are 1-35791394 minutes. After the time is exceeded,
the security appliance closes the connection.
Unlimited Connection time—The security appliance does not close
connections based on connection time.
Idle Timeout The amount of time a user is allowed to be connected to the VPN while
the connection is idle, that is, there is no communication activity. Select
one of the following:
Specified Timeout—Use the time out value you enter. Values are
1-4473924 minutes. When the idle time is exceeded, the security
appliance closes the connection. The default is 30 minutes.
Unlimited Timeout—The security appliance does not close idle
connections.
Table33-14 ASA Group Policies Connection Settings (Continued)
Element Description