Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

csa - policy

can someone help please

1) all remote users who use laptop should not use any internet service without connecting to VPN ( ftp,http, https, downloads of any file, p2p)ftp should not be allowed even from command prompt

2) no user even in administrator group should be able to disable the csa service but only the local administrator.

3) users should only connect to allowed wireless networks

4)nobody should be able to use any removable media. can they be restricted to a certain zip drives?

all these users are currently running in test mode. i would like the above modules and the default modules for unknow virus, malware and rootkit to run in protected mode.




Re: csa - policy

when you configure a policy, you are combining multiple rule modules under a common name. That policy name is then attached to a group of hosts and the group uses the rules that comprise the policy to control the actions that are allowed and denied on those hosts. You can have several different types of rules in a rule module and consequently within one policy. The policy level is the common ground by which host groups acquire the rules that make up their security policy. You can attach rule modules of differing architectures to the same policy. This way, you can configure task-specific, self-contained, inclusive policies across all supported architectures (Windows, Solaris, Linux) for software that is supported on all platforms.