33-25
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter33 Configuring Policy Objects for Remote Access VPNs
Add and Edit File Object Dialog Boxes
Add and Edit File Object Dialog Boxes
Use the Add and Edit File Object dialog boxes to create, copy, and edit file objects. File objects represent
files that are used in device configurations, typically for remote access VPN policies and policy objects.
Such files include Anyconnect client profile and image files, image (graphic) files, plug-in jar files, and
Cisco Secure Desktop package files.
VPN Feature Policy Select the check boxes to enable these features if installation or location
matching fails:
Web Browsing
File Access
Port Forwarding
Full Tunneling
Windows CE
VPN Feature Policy The Windows CE options enable you to configure a VPN feature policy
to enable or restrict web browsing and remote server file access for
remote clients running Microsoft Windows CE. You cannot configure
locations for these clients.
Mac and Linux Cache Cleaner
Launch Cleanup Upon
Global Timeout
Whether to set a global timeout after which CSD launches the cache
cleaner. Select a timeout (the default is 30 minutes), and select whether
to allow the user to reset the timeout value.
Launch Cleanup Upon
Exiting of Browser
Whether to start the cache cleaner when the user closes all web browser
windows.
Enable Canceling of
Cleaning
Whether to allow the remote user to cancel the cleaning of the cache.
Secure Delete The number of passes for CSD to perform a secure cleanup. The default
is 1 pass.
CSD encrypts and writes the cache to the remote client’s disk. Upon
termination of the Secure Desktop, CSD converts all bits occupied by
the cache to all 0’s, then to all 1’s, and then to randomized 0’s and 1’s.
Enable Web Browsing if Mac
or Linux Installation Fails
Whether to allow web browsing (but not other remote access features)
if the cache cleaner installation fails.
VPN Feature Policy Whether to allow web browsing, remote server file access, and port
forwarding for Macintosh and Linux clients. Port forwarding permits
the use of the Secure Desktop to connect a client application installed
on the local PC to the TCP/IP port of a peer application on a remote
server.
Category The category assigned to the object. Categories help you organize and
identify rules and objects. See Using Category Objects, page 6-12.
Table33-15 Add or Edit Secure Desktop Configuration Dialog Box (Continued)
Element Description