Cisco Secure Desktop Configuration Guide for Cisco ASA 5500 Series Administrators, Release 3.4.1
CSD File Reference
Downloads: This chapterpdf (PDF - 148.0KB) The complete bookPDF (PDF - 2.28MB) | Feedback

CSD File Reference

Table Of Contents

CSD File Reference

Adaptive Security Appliance

Connecting Computers


CSD File Reference


The following sections identify the CSD files on the adaptive security appliance and computers connecting to the VPN:

Adaptive Security Appliance

Connecting Computers

Adaptive Security Appliance

Beginning with Version 3.4, the name format and target location of the CSD image is disk0:/csd_<n>.<n>.*.pkg. The image name format of versions earlier than 3.4 is securedesktop_asa_<n>_<n>*.pkg. The latest CSD image includes the Host Scan updates and Advanced Endpoint Assessment (AEA) remediation software. You must install and retain this image on the flash device of the ASA to enable CSD. To use the AEA, you must have an AEA license.

The adaptive security appliance config file retains the configuration settings in the Secure Desktop Manager > Setup panel when you click Apply All in that window. When you enable Secure Desktop Manager, it reads all other CSD configuration data from the disk0:/sdesktop/data.xml file on the flash device of the security appliance. Secure Desktop Manager automatically generates this file if it is not present. If you click Apply All in any other Secure Desktop Manager window, Secure Desktop Manager records the changes to the data.xml file. If you click Reset All in any Secure Desktop Manager panel other than Setup, Secure Desktop Manager replaces all data in the data.xml file with the factory default settings. Deleting the data.xml and enabling Secure Desktop Manager accomplishes the same result.

The ASDM Tools > Backup Configurations and Restore Configurations options let you back up and restore both the /sdesktop/data.xml file and CSD image.

You can also transfer a copy of the /sdesktop/data.xml file to the flash device of another ASA before enabling CSD on it if you want to duplicate the CSD configuration.

Connecting Computers

CSD 3.4.1 records log entries only to the hostscan.log file in the user's home folder. The location is dependent on the OS and VPN method, as follows:

Microsoft with AnyConnect Client start before logon (SBL): WINDOWS\system32\config\systemprofile\Application Data\Cisco

Microsoft without SBL: %APPDATA%\Cisco\Cisco HostScan

Apple Mac OS and Linux: ~/.cisco/hostscan (also accessed through $HOME/.cisco/hostscan). Both paths are case-specific.