EasyManuals Logo

Cisco 5510 - ASA SSL / IPsec VPN Edition Configuration Guide

Cisco 5510 - ASA SSL / IPsec VPN Edition
1822 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #1444 background imageLoading...
Page #1444 background image
65-20
Cisco ASA 5500 Series Configuration Guide using ASDM
OL-20339-01
Chapter 65 Configuring Dynamic Access Policies
Understanding VPN Access Policies
Figure 65-6 Add Endpoint Attributes Dialog Box
Endpoint attributes contain information about the endpoint system environment, posture assessment
results, and applications. The adaptive security appliance dynamically generates a collection of endpoint
attributes during session establishment, and stores these attributes in a database associated with the
session. There is no limit for the number of endpoint attributes for each DAP record.
Each DAP record specifies the endpoint selection attributes that must be satisfied for the adaptive
security appliance to select it. The adaptive security appliance selects only DAP records that satisfy
every condition configured.
For detailed information about Endpoint attributes, see Endpoint Attribute Definitions.
To configure endpoint attributes as selection criteria for DAP records, in the Add/Edit Endpoint Attribute
dialog box, set components. These components change according to the attribute type you select.
Fields
• Endpoint Attribute Type—Choose from the drop-down list the endpoint attribute you want to set.
Options include Antispyware, Antivirus, Application, File, NAC, Operating System, Personal
Firewall, Process, Registry, VLAN, and Priority.
Endpoint attributes include these components, but not all attributes include all components. The
following descriptions show (in parentheses) the attributes to which each component applies.
• Exists/Does not exist buttons (Antispyware, Antivirus, Application, File, NAC, Operating System,
Personal Firewall, Process, Registry, VLAN, Priority)— Click the appropriate button to indicate
whether the selected endpoint attribute and its accompanying qualifiers (fields below the
Exists/Does not exist buttons) should be present or not.
• Vendor ID (Antispyware, Antivirus, Personal Firewall)—Identify the application vendor.
• Vendor Description (Antispyware, Antivirus, Personal Firewall)—Provide text that describes the
application vendor.
• Version (Antispyware, Antivirus, Personal Firewall)—Identify the version of the application, and
specify whether you want the endpoint attribute to be equal to/not equal to that version.
• Last Update (Antispyware, Antivirus, File)—Specify the number of days since the last update. You
might want to indicate that an update should occur in less than (<) or more than (>) the number of
days you enter here.

Table of Contents

Other manuals for Cisco 5510 - ASA SSL / IPsec VPN Edition

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco 5510 - ASA SSL / IPsec VPN Edition and is the answer not in the manual?

Cisco 5510 - ASA SSL / IPsec VPN Edition Specifications

General IconGeneral
BrandCisco
Model5510 - ASA SSL / IPsec VPN Edition
CategoryFirewall
LanguageEnglish

Related product manuals