File Objects

Use the Add and Edit File Object dialog boxes to create, and edit file objects. File objects represent files used in configurations, typically for remote access VPN policies. They can contain Secure Client Profile and Secure Client Image files.

Profiles are also created for each AnyConnect module and Secure Client Management VPN using independent profile editors and deployed to administrator-defined end user requirements and authentication policies on endpoints as part of Secure Client, and they make the preconfigured network profiles available to end users.

When you create a file object, the management center makes a copy of the file in its repository. These files are backed up whenever you create a backup of the database, and they are restored if you restore the database. When copying a file to the platform to be used in a file object, do not copy the file directly to the file repository.

When you deploy configurations that specify a file object, the associated file is downloaded to the device in the appropriate directory.

You can click one of the following options against each file:

  • Download Click to download the Secure Client file.

  • Edit Modify the file object details.

  • Delete Delete the Secure Client file object. When you delete a file object, the associated file is not deleted from the file repository, only the object is deleted.

Navigation Path

Objects > Object Management > VPN > Secure Client File.

Fields

  • Name—Enter the name of the file to identify the file object; you can add up to 128 characters.

  • File Name—Click Browse to select the file. The file name and full path of the file are added when you select the file.

  • File Type—Choose the file type corresponding to the file you have selected. The following file types are available:

    • Secure Client Image—Select this type when you add the Secure Client image you have downloaded from the Cisco Software Download Center.

      You can associate any new or additional Secure Client images to the remote access VPN policy. You can also unassociate the unsupported or end of life client packages that are no longer required.

    • Secure Client VPN Profile—Choose this type for the Secure Client VPN profile file.

      The profile file is created using the GUI-based Secure Client Profile Editor, an independent configuration tool. See the Secure Client Profile Editor chapter in the appropriate release of the Cisco Secure Client (including AnyConnect) User Guide for details.

    • Secure Client Management VPN Profile—Select this type when you add a profile file for the Secure Client management VPN tunnel.

      Download the Secure Client VPN Management Tunnel Standalone Profile Editor from Cisco Software Download Center if you have not done already and create a profile with required settings for the Secure Client management VPN tunnel.

    • AMP Enabler Service Profile—The profile is used for the Secure Client AMP Enabler. The AMP Enabler along with this profile is pushed to the endpoints from threat defense when a remote access VPN user connects to the VPN.

    • Feedback Profile—You can add a Customer Experience Feedback profile and select this type to receive information about the features and modules customers have enabled and use.

    • ISE Posture Profile—Choose this option if you are adding a profile file for the Secure Client ISE Posture module.

    • NAM Service Profile—Configure and add the NAM profile file using the Network Access Manager profile editor.

    • Network Visibility Service Profile—Profile file for Secure Client Network Visibility module. You can create the profile using the NVM profile editor.

    • Umbrella Roaming Security Profile—You must select this file type if you are deploying the Umbrella Roaming Security module using the .json file created using the profile editor.

    • Web Security Service Profile—Select this file type when you add a prole file for the Web security module.

    • Secure Firewall Posture Package—Select this file type when you add a Secure Firewall Posture Package file. This file is used while configuring a Dynamic Access Policy (DAP) to collect information about the operating system, anti-virus, anti-spyware, and firewall software installed on the endpoints.

    • Secure Client External Browser Package—This file type is for selecting an external browser package file for SAML single sing-on web authentication.

      You can add an the package file when a new version of the external package file is available.

      For more information, see Configure AAA Settings for Remote Access VPN.

  • Description—Add an optional description.