WebVPN Keystroke Logger Detection option

DJCanuck1_2 · ‎11-05-2008

I am wondering how many companies actually use the keystroke logger detection option within the CSD on the ASA. I have set this up to run for all my Clientless SSL VPN connections with varying results. I am posting this to see if anyone has successfully set up keystroke logger detection on the ASA or if companies rely on third party software to detect keystroke loggers.

dcsdecross · ‎11-06-2008

I use it on ASA5505 and it has found loggers on user's home PCs. It give us the extra "feel-good" factor of making sure user's home PC is clean.

DJCanuck1_2 · ‎11-06-2008

We are running it on a 5520 and have run into some blue-screen issues on some remote endpoints running both Windows XP and Vista. Looks to be a driver issue on the remote computer. I'm wondering if anyone else has experienced blue screen issues and what they did to solve this.

lascumbres · ‎11-28-2008

Wondering the same, we have just enabled it here and hey, the president's laptop reports two loggers one of it being the touchpad driver!

Dorothea

DJCanuck1_2 · ‎11-28-2008

I guess the determining factors are: 1. If you want to run the KLD scans, the user must have admin privileges. 2. Management of KLD results: Do you allow the user to check and verify results themselves(Uh...No) or do you turn on the admin control and maintain an acceptable list of safe modules? We are thinking admin control would be OK for a standard corporate image, but for home or kiosk computers? Who knows what is on those machines. Management nightmare..