
Cisco Secure Desktop on FTD

andypowernet85
Visitor

Afternoon,

When browsing to the public IP of the FTD managed by FMC, I am being directed to /CACHE/sdesktop/install/start.html and presented with a Cisco Secure Desktop page. Does anyone know this can be disabled and why it is being presented?

Regards,

22 Replies

@ronnie.shih you can expect the update to be rolled up in 10.1.0 ca. July this year.

7.7 might not get updated since it is now past-EoS. https://www.cisco.com/c/en/us/products/collateral/security/firepower-ngfw/ftd-ftdv-7-7-fmc-fmcv-7-7-fxos-2-17-eol.html

That link shows product affected as:  Threat Defense software 7.7 for 1200 Series Firewall.  But we run threat defense virtual in Azure.  Is it still end of life?

I believe that information in table 2 of the announcement is incorrect.

7.7 is end of sales no matter what platform (not "end of life" yet - it will continue to be supported until September 2028)

ronnie.shih
Level 1

I am facing this same issue, except, we have dynamic access policy for endpoint posture scan enabled. Our security team flagged and hunted after me saying "why are our FTDs showing this Cisco Secure Desktop page?" and is there any way to disable it? I configured a group-url, inserted "without-csd" flag under webvpn along with a keepout message. Cisco Secure Desktop page now does not show, but at the same time, posture scan is no longer happening.

So is there a way to make dynamic access policy with posture scan work without showing the Cisco Secure Desktop page when browsing to the VPN access URL of the FTD?

@ronnie.shih unfortunately, no. Enabling DAP with posture scanning means you will see the CSD page, even though that feature is not in use. I doubt this will ever change since it is mostly a legacy feature and not being actively developed/enhanced.

ronnie.shih
Level 1

Is there such a thing as a new posture scan option in FTD for endpoints vpn-in?  Or is DAP with hostscan package still the only option?

@ronnie.shih nothing specific to FTD - DAP with hostscan continues to be the only option there.

If you offload posture to Cisco ISE, it can handle the function (and much more) as part of the Authorization conditions and associated results.

kcavanagh
Community Member

We are implementing SAML. My understanding is that it will then bypass DAP on Cisco and use whatever CAP you have defined in Entra. Would we then remove HostScan and be able to use FlexConfig to shut down CSD? We found that portal-access-rule 1 deny also blocked SAML, because it blocked the successful connection pop-up window.
