5-16
Cisco Secure Desktop Configuration Guide
OL-8607-02
Chapter 5 Setting Up CSD for Microsoft Windows Clients
Configuring the Secure Desktop for Clients that Match Location Criteria
• Anti-Virus—Check to enable System Detection for the presence of antivirus software.
CSD requires one of the applications highlighted to be running on the remote client PC to satisfy
the anti-virus requirement.
• Anti-Spyware—Check to enable System Detection for the presence of antispyware software.
CSD requires one of the applications highlighted to be running on the remote client PC to satisfy
the anti-virus requirement.
• Firewall—Check to enable System Detection for the presence of a personal firewall that is running.
CSD requires one of the applications highlighted to be running on the remote client PC to satisfy
the personal firewall requirement.
• OS—Check to enable System Detection for the presence of a particular operating system and
service pack. CSD requires one of the operating systems highlighted to be running on the remote
client PC to satisfy the operating system requirement.
Step 5 (Optional) Enter an integer in the range 0 - 999999 in the Must have been updated in the last ___ days
fields.
CSDM includes this two such fields, one above the Anti-Virus window and the other above the
Anti-Spyware window.
Step 6 For each enabled security category you check, click one of the options or control-click multiple options.
Note For the complete list of applications checked by System Detection, see Figure 5-7 or refer to “System
Detection Questions.”
Click Apply All to save the running CSD configuration.
Configuring Web Browsing, File Access, Port Forwarding, and Full Tunneling VPN Policies for a
Location
This section describes how to configure permissions and system detection conditions for web browsing,
file access, port forwarding, and full tunneling when the remote client satisfies the configured location
criteria.
Note To configure settings when remote clients running Microsoft Windows do not satisfy configured location
criteria, see “Creating Windows Locations.”
Step 1 Click VPN Feature Policy under the name of the location you are configuring in the menu on the left.
The VPN Feature Policy pane displays the default Group-Based Policy tab (described in “Configuring a
Group-based Policy for a Location”).
Step 2 Click the tab that names the application for which you would like to configure a policy. The tabs after
the Group-Based Policy tab are as follows:
• Web browsing—Permits the client to use the Secure Desktop to browse the web.
• File access—Permits the use of the Secure Desktop to access files on a remote server.
• Port forwarding—Permits the use of the Secure Desktop to connect a client application installed on
the local PC to the TCP/IP port of a peer application on a remote server.