The following sections describe the capabilities of Cisco Secure Desktop (CSD), introduce the Cisco Secure Desktop Manager (CSDM) interface, and describe how to save configuration changes:
•Saving and Resetting the Running CSD Configuration
CSD seeks to minimize the risk of information being left after an SSL VPN session terminates. CSD's goal is to reduce the possibility that cookies, browser history, temporary files, and downloaded content remain on a system after a remote user logs out or an SSL VPN session times out. CSD encrypts data and files associated with or downloaded during the SSL VPN session.
The protection provided by CSD is valuable in case of an abrupt session termination, or if a session times out due to inactivity. Furthermore, CSD stores session information in the secure vault desktop partition; when the session closes, CSD overwrites and attempts to remove session data using a U.S. Department of Defense (DoD) sanitation algorithm to provide endpoint security protection.
CSD allows full customization of when and where it is downloaded. It supports profiles of network element connection types (corporate laptop, home PC, or Internet kiosk) and applies a different security policy to each type. These policies include System Detection, which is the definition, enforcement, and restoration of client security in order to secure enterprise networks and data. You can configure System Detection to confirm the presence of the CSD modules Secure Desktop or Cache Cleaner; and antivirus software, antispyware software, personal firewall software, and/or the Microsoft® Windows operating system and service packs on the user's computer as conditions for enabling particular features.
Cisco SSL VPN solutions provide organizations with robust and flexible products for protecting the security and privacy of information, and can play an important part in an organization's compliance strategies. No single technology today addresses all security requirements under the proposed standards. In addition, given limitations of the Microsoft operating system, no technology that interoperates with the operating system can ensure the total removal of all data, especially from an untrusted system with potentially malicious third party software installed. However, deployments of Cisco SSL VPN using CSD, when combined with other security controls and mechanisms within the context of an effective risk management strategy and policy, can help to reduce risks associated with using such technologies.
To access the Secure Desktop Manager to configure CSD for remote clients, choose Configuration > CSD Manager > Secure Desktop Manager.
The Secure Desktop Manager pane opens.
Figure 3-1 shows the default menu and the Secure Desktop Manager pane.
Figure 3-1 Secure Desktop Manager (Initial)
The following initial options are available in the CSDM menu:
•Windows Location Settings — Click to create a group of settings for Windows clients connecting from a particular type of location, such as Work, Home, or Insecure. Once you create a location, you can specify how to determine that clients are connecting from that particular location. For example, clients with DHCP-assigned IP addresses within a corporate address range connect from the Work location.
After you create a location, you can configure the VPN Feature Policy, Keystroke Logger, Cache Cleaner, and Secure Desktop features for that location.
•Windows CE — Click to enable or restrict web browsing and file access for Windows CE clients. CSD does not support location entries for Windows CE clients, but does let you enable or restrict web browsing and remote server file access for them.
•Mac & Linux Cache Cleaner — Click to configure the Cache Cleaner and a VPN Feature Policy (enable or restrict web browsing, remote server file access, and port forwarding) for Macintosh and Linux clients.
Note Port forwarding permits the use of the Secure Desktop to connect a client application installed on the local PC to the TCP/IP port of a peer application on a remote server.
CSD does not support location entries for Macintosh and Linux clients; however, it does support a limited set of security features for these platforms.
Figure 3-2 shows a CSD menu populated with locations.
Figure 3-2 Navigating the Secure Desktop Manager
A location is a security profile you can assign to Microsoft Windows clients as they connect to the corporate network. (Locations apply to Microsoft Windows users only.) As an administrator, you specify the criteria to match the client to the location. Eligible matching criteria include certificate name and authority, IP address range, and local file or registry requirements. Each location also contains a set of user access rights. For example, as an administrator, you might configure a secure location to provide full access rights - web browsing, remote server file access, port forwarding, and full VPN tunneling - but limit an insecure location to web browsing.
Windows locations allow deployment of the Secure Desktop functions on a location-specific basis. Typical location types include Work, Home, and Insecure (for such client connection sites as an Internet cafe). You can use Secure Desktop Manager to define as many locations as needed. Each location has its own settings and options that make up its security profile.
When you add a location to the configuration, the Desktop Manager displays the name of the location in the menu, and displays the following options for configuring privileges and restrictions for that location only:
•VPN Feature Policy—Provides System Detection before allowing the following remote access functions: web browsing, remote server file access, port forwarding, and full tunneling using the SSL VPN Client. It can require and verify the presence of certain safeguards such as antivirus software, antispyware software, firewall software, and the operating system version and patch.
•Keystroke Logger—Scans the client PC for a keystroke logging application. You can configure a location type to require a scan for keystroke logging applications on the client PC. You can list the keystroke logging applications that are safe or let the remote user approve of the applications the scan identifies. Secure Desktop and Cache Cleaner launch only if the scan is clear, or only if you assign administrative control to the user and the user approves of the applications the scan identifies. Cisco Secure Desktop may be unable to detect every potentially malicious keystroke logger, including but not limited to hardware keystroke logging devices.
•Cache Cleaner—Attempts to disable or erase data that a user downloaded, inserted, or created in the browser, including cached files, configuration changes, cached browser information, passwords entered, and auto-completed information. The Cache Cleaner works with Microsoft Internet Explorer 5.0 or later on Windows 98, ME, NT 4, 2000, and XP; Internet Explorer 5.2 or later, or Safari 1.0 or later, on Macintosh (MacOS X); and Mozilla 1.1 or later on Red Hat Linux v9.
•Secure Desktop General—Provides an encrypted space for Windows 2000 and Windows XP users, within which the user has an online session using a browser. It is transparent, requiring only a browser for access. The Secure Desktop does not encrypt or clean system memory information, including that which may be left on the disk by the operating system in the Windows virtual memory file, commonly referred to as the paging file. There may also be instances where, if local printing is permitted, that data can remain in the local system print spool. CSD does provide an option that seeks to disable printing from within a CSD session.
•Secure Desktop Settings—Lets you place restrictions on the Secure Desktop.
•Secure Desktop Browser—Specifies the home page to which the browser connects when the remote user establishes a CSD session. This option also lets you specify the folders and bookmarks (or "favorites") to insert into the respective browser menu during the CSD session.
Saving and Resetting the Running CSD Configuration
CSD saves all CSD configuration data to disk0:/sdesktop/data.xml.
Note To copy the configuration settings from one security appliance to another, transfer a copy of the disk0:/sdesktop/data.xml file to the flash device of the target security appliance. Disable and reenable CSD to read the disko:/sdesktop/data.xml file into the running CSD configuration.
CSD displays two buttons at the bottom of the CSD panes that interact with the disk0:/sdesktop/data.xml file. Use these buttons as follows:
•To save the running CSD configuration to the data.xml file, click Apply All.
•To overwrite all settings in the running CSD configuration with those stored in the data.xml file, click Reset All.