5-25
Cisco Secure Desktop Configuration Guide
OL-8607-02
Chapter 5 Setting Up CSD for Microsoft Windows Clients
Configuring the Secure Desktop for Clients that Match Location Criteria
Configuring Secure Desktop Settings for a Location
Click Secure Desktop Settings under the location name to place restrictions on the Secure Desktop.
The Secure Desktop Settings pane appears. Figure 5-13 shows the default settings.
Figure 5-13 Secure Desktop Settings
Check the boxes to apply the associated restrictions. The restrictions are as follows:
• Restrict application usage to the web browser only—Check to let only the originating browser run
on the Secure Desktop. If you choose this option, the browser that started CSD (Internet Explorer,
Netscape, Firefox, etc.) is the only browser permitted to run in Secure Desktop mode. Choosing this
option limits the user's ability to use other applications, but increases the level of security.
• Disable access to network drives and network folders—Check to prevent the user from accessing
network resources and network drives while on the Secure Desktop. The network resources are those
that use the Server Message Block (SMB) client/server, request-response protocol to share such
resources as files, printers, and APIs. For maximum security, we recommend that you check this
attribute. If you do, the Secure Desktop Manager dims the following attribute.
• Do not encrypt files on network drives—Check to prevent the user from saving encrypted files to
drives onto the network while on the Secure Desktop. The Secure Desktop Manager dims this
attribute if you check the previous attribute.
• Disable access to removable drives and removable folders—Check to prevent the user from
accessing portable drives while on the Secure Desktop. Otherwise, the user can save files to a
removable drive and remove the drive before closing the CSD session. After closing the CSD
session, the user could forget to take the removable drive. For maximum security, we recommend
that you check this attribute. If you do, the Secure Desktop Manager dims the next attribute.
This attribute applies only to the drives that Microsoft names “Removable” in the Windows Explorer
“My Computer” window.
• Do not encrypt files on removable drives—Check to prevent the user from saving encrypted files
onto portable drives while on the Secure Desktop. The Secure Desktop Manager dims this attribute
if you check the previous attribute.
To Next Page
Loading...
Need help?
General