Cisco 5520 Configuration Guide - Page 25
Introduction - firewall
UPC - 746320987088
Page 25 highlights
CHAPTER 3
Introduction

The following sections describe the capabilities of Cisco Secure Desktop (CSD), introduce the Cisco Secure Desktop Manager (CSDM) interface, and describe how to save configuration changes:

• CSD Capabilities
• Navigation
• Saving and Resetting the Running CSD Configuration

CSD Capabilities

CSD seeks to minimize the risk of information being left after an SSL VPN session terminates. CSD's goal is to reduce the possibility that cookies, browser history, temporary files, and downloaded content remain on a system after a remote user logs out or an SSL VPN session times out. CSD encrypts data and files associated with, or downloaded during, the SSL VPN session. The protection provided by CSD is valuable in case of an abrupt session termination, or if a session times out due to inactivity. Furthermore, CSD stores session information in the secure vault desktop partition; when the session closes, CSD overwrites and attempts to remove session data using a U.S. Department of Defense (DoD) sanitation algorithm to provide endpoint security protection.

CSD allows full customization of when and where it is downloaded. It supports profiles of network element connection types (corporate laptop, home PC, or Internet kiosk) and applies a different security policy to each type. These policies include System Detection, which is the definition, enforcement, and restoration of client security in order to secure enterprise networks and data. You can configure System Detection to confirm the presence of the CSD modules Secure Desktop or Cache Cleaner, as well as antivirus software, antispyware software, personal firewall software, and/or the Microsoft® Windows operating system and service packs on the user's computer, as conditions for enabling particular features.

Cisco SSL VPN solutions provide organizations with robust and flexible products for protecting the security and privacy of information, and can play an important part in an organization's compliance strategies. No single technology today addresses all security requirements under the proposed standards. In addition, given limitations of the Microsoft operating system, no technology that interoperates with the operating system can ensure the total removal of all data, especially from an untrusted system with potentially malicious third party software installed. However, deployments of Cisco SSL VPN using CSD, when combined with other security controls and mechanisms within the context of an effective risk management strategy and policy, can help to reduce risks associated with using such technologies.

OL-8607-02 Cisco Secure Desktop Configuration Guide 3-1