Cisco Systems ASA 5580 Network Router User Manual


70-27
Cisco ASA 5500 Series Configuration Guide using ASDM
Chapter 70 Configuring Dynamic Access Policies
Configuring Endpoint Attributes Used in DAPs
To set this value, after you have defined all instances of the endpoint attribute, click the Logical Op.
button and select the Match Any or Match All button. If you do not specify a Logical Operation, Match
Any is used by default.
Detailed Steps
Step 1 In the Endpoint Attribute Type list box, select Policy.
Step 2 Check the Location checkbox and set the operation field to be equal to (=) or not equal to (!=) the Cisco
Secure Desktop Microsoft Windows location profile. Enter the Cisco Secure Desktop Microsoft
Windows location profile string in the Location text box.
Step 3 Click OK.
Step 4 Return to Configuring Dynamic Access Policies, page 70-10.
Additional References
See Endpoint Attribute Definitions, page 70-29 for additional information on the Policy endpoint
attribute requirements.
Adding a Process Endpoint Attribute to a DAP
Prerequisites
Configuring Process endpoint attributes as selection criteria for DAP records is part of a larger
process. Read Configuring Dynamic Access Policies, page 70-10 before you configure Personal
Firewall endpoint attributes.
Before configuring a Process endpoint attribute, define the process for which you want to scan in
the Host Scan window for Cisco Secure Desktop. In ASDM select Configuration > Remote Access
VPN > Secure Desktop Manager > Host Scan. Click Help on that page for more information.
Guidelines
You can create multiple instances of each type of endpoint attribute. For each of these types, you need
to decide whether the DAP policy should require that the user have all instances of a type (Match All =
AND) or only one of them (Match Any = OR).
To set this value, after you have defined all instances of the endpoint attribute, click the Logical Op.
button and select the Match Any or Match All button. If you do not specify a Logical Operation, Match
All is used by default.
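The following Python sketch is an added illustration, not code from Cisco, ASDM or the ASA. It models how Match All and Match Any combine several Process criteria, and shows that a "Does not exist" criterion stops being a restriction under Match Any. The endpoint IDs, the scan results, and the handling of an ID missing from the scan as "not running" are assumptions of this model.

```python
# Illustrative model only; not ASA or ASDM code. All names are hypothetical.
from dataclasses import dataclass


@dataclass(frozen=True)
class ProcessCriterion:
    endpoint_id: str   # Endpoint ID as defined in Host Scan
    must_exist: bool   # True = "Exists" button, False = "Does not exist"


def criterion_met(criterion, scan):
    """scan maps endpoint ID -> True when the scan reported the process.

    Assumption of this model: an ID absent from the scan counts as not running.
    """
    return scan.get(criterion.endpoint_id, False) == criterion.must_exist


def type_matches(criteria, scan, logical_op="Match All"):
    """Combine every instance of one attribute type with AND or OR.

    The default mirrors the guideline above for Process attributes.
    """
    results = [criterion_met(c, scan) for c in criteria]
    if logical_op == "Match All":
        return all(results)
    if logical_op == "Match Any":
        return any(results)
    raise ValueError(f"unknown logical operation: {logical_op!r}")


# Constructed criteria: require a security agent, forbid a second process.
CRITERIA = [
    ProcessCriterion("edr-agent", must_exist=True),
    ProcessCriterion("remote-admin-tool", must_exist=False),
]

# Constructed scan results for three endpoints.
COMPLIANT = {"edr-agent": True, "remote-admin-tool": False}
BOTH_RUNNING = {"edr-agent": True, "remote-admin-tool": True}
NEITHER = {"edr-agent": False, "remote-admin-tool": False}


def compare(scan):
    """Evaluate the same criteria under both logical operations."""
    return {op: type_matches(CRITERIA, scan, op)
            for op in ("Match All", "Match Any")}


if __name__ == "__main__":
    for name, scan in [("compliant", COMPLIANT),
                       ("both running", BOTH_RUNNING),
                       ("neither", NEITHER)]:
        print(f"{name:13} {compare(scan)}")
```

In this model, Match Any selects the record for all three endpoints, including the one running the forbidden process, while Match All selects it only for the compliant endpoint.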
Detailed Steps
Step 1 In the Endpoint Attribute Type list box, select Process.
Step 2 Click the appropriate Exists or Does not exist button to indicate whether the selected endpoint attribute
and its accompanying qualifiers (fields below the Exists and Does not exist buttons) should be present
or not.
Step 3 In the Endpoint ID list box, choose from the drop-down list the endpoint ID for which you want to scan.