Secure Desktop works great on some Windows instalations, but not on others
We did a pilot implementation of WebVPN with Cisco Secure Desktop. I believe Clientless WebVPN + Secure Desktop combo is great (think Internet Kiosks). Anyway, we found out that CSD works very-veeeeery slow on some workstations (unusuable).
This doesn't seem to be hardware-dependent, because on the very same laptop, with two windows installations on different partitions it works fine with one, but not with the other. The one that works has Windows XP with no service pack, only video driver and java installed. The one that doesn't work has Windows XP SP2 and various other software installed.
To summarize, after testing on various machines I found out that it works on:
- my laptop, fresh Win XP installation, no service pack
- windows 2000 server (IPCC server)
- one of my colleague's laptop (Windows XP SP2 with various other software installed)
It doesn't work (CSD works so slow that it's unusuable, CPU rises up to 99% when doing anything - opening browser window etc.) on:
- my laptop (Windows XP SP2)
- my home computer (Win XP SP2)
- lab laptop (Windows 2000, fresh installation, no other software installed)
- two of my colleagues' laptops (Windows XP SP2 with various other software installed)
The webvpn gateway is a Cisco 2801, with 12.4(6)T software, and CSD / SVC are the latest version (22.214.171.124 / 126.96.36.199).
Show Name: Thoughts on Security at Cisco Live US 2018 in Orlando
Contributors: Kevin Klous, Dave White Jr., Aaron Woland, Jeff Fanelli
Posting Date: June 2018
Description: The team goes on-site in the Cisco Live Speaker room in ...
RADIUS and Symantec VIP.
I will use screenshots of ASDM, and at the end I will add the required CLI commands. the diagram below show a diagram of the steps the FW goes through when using 2FA authentication:
As you can see in Fig. 1&nbs...