Cisco Systems ASA 5510 Network Router User Manual


  Open as PDF
of 2086
 
70-32
Cisco ASA 5500 Series Configuration Guide using ASDM
Chapter 70 Configuring Dynamic Access Policies
Configuring DAP Access and Authorization Policy Attributes
Configuring DAP Access and Authorization Policy Attributes
To Configure Access and Authorization Policy Attributes for a DAP, click each tab and configure the
fields.
Action Tab—Specifies special processing to apply to a specific connection or session.
Continue—(Default) Click to apply access policy attributes to the session.
Quarantine—Through the use of quarantine, you can restrict a particular client who already has
an established tunnel through a VPN. ASA applies restricted ACLs to a session to form a
restricted group, based on the selected DAP record. When an endpoint is not compliant with an
administratively defined policy, the user can still access services for remediation (such as
updating the antivirus and so on), but restrictions are placed upon the user. After the remediation
occurs, the user can reconnect, which invokes a new posture assessment. If this assessment
passes, the user connects.
Note This parameter requires an AnyConnect release that supports AnyConnect Secure
Mobility features.
Terminate—Click to terminate the session.
Personal
firewall
(Requires
Secure
Desktop)
endpoint.fw["label"].exists Host Scan true The personal firewall
exists
endpoint.fw["label"].version string 32 Version
endpoint.fw["label"].description string 128 Personal firewall
description
Policy endpoint.policy.location Secure
Desktop
string 64 Location value from
Cisco Secure Desktop
Process endpoint.process["label"].exists Secure
Desktop
true The process exists
endpoint.process["label"].path string 255 Full path of the process
Registry endpoint.registry["label"].type Secure
Desktop
dword
string
—dword
endpoint.registry["label"].value string 255 Value of the registry
entry
VLAN endoint.vlan.type CNA string VLAN type:
ACCESS
AUTH
ERROR
GUEST
QUARANTINE
ERROR
STATIC
TIMEOUT
Table 70-3 Endpoint Attribute Definitions (continued)
Attribute Type Attribute Name Source Value
Max String
Length Description