Cisco VPN 2.0: Implementing Cisco Secure Desktop and DAP for SSL VPNs

This course is included in our On-demand training solution.


An important requirement of VPNs is to provide host security at the endpoint. This ensures hosts that connect to the trusted network and to provide high availability and high performance are secure. Cisco Secure Desktop enables administrators to provide a higher level of security to untrusted endpoints with dynamically downloadable ActiveX components.
Cisco Secure Sockets Layer (SSL) VPN solutions provide organizations with robust and flexible products for protecting their security and the privacy of their information; Cisco SSL VPN solutions can also play an important part in the compliance strategies of an organization. Cisco Secure Desktop technology interoperates with the endpoint operating system and can ensure the removal of all data, especially from an untrusted system with potentially malicious third-party software installed.
You can deploy Cisco Secure Desktop to reduce the risks posed by untrusted endpoints that connect to an enterprise network via a clientless SSL VPN or Cisco AnyConnect client session. Cisco Secure Desktop, in combination with other security controls and mechanisms, helps reduce the risks that are associated with using clientless and full-tunnel SSL VPNs. This course describes how to implement Cisco Secure Desktop for both clientless and full-tunnel SSL VPNs.

Target Audience

Anyone wishing to obtain the Cisco Certified Network Professional CCNP Security designation. Cisco Network Security Engineers responsible for the selection, configuration, and the troubleshooting of the majority of Cisco ASA adaptive security appliance perimeter security features to reduce risk to IT infrastructure and its applications within their networking environments. Established IT professionals with a good understanding of networking and Cisco technology, installation, troubleshooting and monitoring of devices used to maintain integrity, confidentiality and availability of data and network devices that Cisco uses in its security infrastructure, as well as working knowledge of the Microsoft Windows operating system. Candidates who have completed the Cisco Certified Network Associate (CCNA), the Cisco Certified Network Associate Security (CCNA Security), the Securing Networks with Cisco Routers and Switches (SECURE) v1.0, and the Deploying Cisco ASA Firewall Solutions (FIREWALL 2.0) Certifications.


Expected Duration

120 min.

Course Objectives

Selecting Cisco AnyConnect Network Admission Features

  • describe Cisco AnyConnect full-tunnel SSL VPN network admission features
  • describe the considerations involved in enabling Cisco Secure Desktop functions
  • Installing and Customizing Cisco Secure Desktop

  • describe the considerations involved in Cisco Secure Desktop deployment
  • Configuring Prelogin Criteria

  • describe how to configure and verify Cisco Secure Desktop prelogin criteria on a Cisco ASA security appliance SSL VPN gateway
  • Prelogin Policies

  • match the actions you can apply to prelogin policies to their descriptions
  • describe how to configure and verify Cisco Secure Desktop prelogin policies on a Cisco ASA security appliance SSL VPN gateway
  • Configuring Advanced Endpoint Assessment

  • describe the purpose of the Cisco Secure Desktop Advanced Endpoint Assessment extension
  • Secure Desktop with DAPs Overview

  • describe how DAP on the Cisco ASA is used in authorization operations
  • Configuring Cisco Secure Desktop-enabled DAP Policies

  • describe the tasks used to configure Cisco Secure desktop-enabled DAP policies
  • Integrating Cisco Secure Desktop with DAPs

  • describe the tasks used to integrate Cisco Secure Desktop with DAP
  • Troubleshooting Cisco Secure Desktop Operation

  • sequence the steps to troubleshoot Cisco Secure Desktop operations on a Cisco ASA security appliance SSL VPN gateway