Windows Client Cleanup

The temporary files generated on the client computer during an SSL VPN ses- sion, could pose a security threat. These files can be misused to obtain confi- dential information. To eliminate this threat, the SSL VPN browser plug-in supports the cleanup of the files after the SSL VPN session is closed. This fea- ture, however, needs to be enabled by the system administrator. If the system administrator enables this feature, a client cleanup dialog window is displayed when you log off from the SSL VPN session. This feature is explained in this section.

3.3.1

Windows Client Cleanup Dialog

When you select the Logout button from the Secure Remote Session window, you may be presented with the Client Cleanup dialog discussed here. If your VPN administrator has configured the SSL VPN to not present this dialog, you will not see it when you log out.

Figure 3-2 Cleanup dialog box

The system administrator can also configure the system to delete some groups of files before this dialog box is displayed. In this scenario, the options corre- sponding to these configured groups are disabled when this dialog box is dis-

This dialog box provides four options.

• If you click the ‘Cleanup’ button, the plug-in opens another dialog box (which is detailed shortly) that allows you to select individual files for removal based on the check boxes you select along the left side of this dia- log box.

• If you click the ‘View logfile’ button, you will be presented with a log of the cleanup mechanism’s actions during this session.

• Selecting the ‘Launch browser and Exit’ button, the session will log out and the Login page is displayed again.

• If you click the ‘Exit’ button, the plug-in exits.

The following sections explain the check box options in this window.

Clean up browser cache, cookie, and temporary files

When you select this option and click the ‘Cleanup’ button, data that is stored in the browser cache is selected for deletion by the plug-in. Browser caching improves performance by storing local copies of data accessed via the Web. The system supports the deletion of all cached files, which have been accessed/created during the SSL VPN session, and does not differentiate between files cached from the intranet or internet web sites. The plug-in also supports the cleanup of temporary files and cookies.

Clean up history and browser typed URLs in the address bar

When you select this option , all the URLs stored by the browser and history data added during this session are deleted by the plug-in. This requires that all browser windows be closed in order to clean up this information.

Clean up password and auto complete information stored by IE

Selecting this option will add all of the auto complete data that Internet Explorer stored during your session. This auto complete data includes any user credentials, user names and passwords, credit card numbers and any other data entered while filling in forms on web sites.

Close file transfer browser window

When you select this option and click the Cleanup and Exit button, all the directory and file information, buffered by the File transfer browser, are deleted by the plug-in. This can also occur if the file transfer window is active when the SSL VPN session is terminated. Close this window before you exit the SSL VPN session.

Clean up ActiveX Browser Plug-in

When you select this option and click the Cleanup and Exit button, the plug-in is deleted from the hard disc of the client computer.

Clean up Client Authentication Certificate

If SSL Client Certificate Authentication was used during your session, you would use this option to select residual certificates stored on your system by the SSL authentication process.

Clean up application data created by IE

Selecting this option will allow the cleanup process to remove all non-roaming classified (not stored on an external server) application data such as user pref- erences, temporary files, application state information, etc. that were created locally during the session.

Close all applications, which have accessed the SSL VPN services

When you select this option and click the Cleanup and Exit button, the plug-in closes certain processes. These processes correspond to the applications that access the SSL VPN service during the SSL VPN session. This will prevent the leakage of sensitive information buffered by the application.

3.3.2

Client Cleanup Item Listing Dialog

When you select the Cleanup button from the Client Cleanup dialog, you will be presented with the window shown in the following figure. The items that populate this dialog are shown based on the options you select from the previ- ous Client Cleanup dialog.

The listing is broken up in to two sections. The upper listing section includes all the browser cache, cookies, and URL files marked for deletion. The lower sec- tion lists all the other items selected for removal which are WIndows Registry Entries.

Each item in these two listings has a checkbox before it that you may use to individually select and deselect items for clean up.

The buttons on this page perform the following actions.

• Check All: Clicking this button will mark all items in the listings for removal.

• Uncheck All: Using this button will unmark all the items in the listings. • Cleanup!: This button initiates the clean up procedure. Once you click this

• Exit: This button exits the dialog, returning you to the Client Cleanup win-

dow. If you have not selected the Cleanup! button, no items will be removed when you click the exit button.

Troubleshooting the SSL VPN