Home » Cisco » 210-260 v.2 » Which statements about smart tunnels on a Cisco firewall are true?
Which statements about smart tunnels on a Cisco firewall are true? (Choose two.)
A. Smart tunnels can be used by clients that do not have administrator privileges
B. Smart tunnels support all operating systems
C. Smart tunnels offer better performance than port forwarding
D. Smart tunnels require the client to have the application installed locally
Correct Answer: AC
Explanation/Reference:
Explanation:
Tunnel offers better performance than browser plug-ins.
Port forwarding is the legacy technology for supporting TCP-based applications over a Clientless SSL VPN connection. Unlike port forwarding, Smart Tunnel simplifies the user experience by not requiring the user connection of the local application to the local port.
Smart Tunnel does not require users to have administrator privileges.
Smart Tunnel does not require the administrator to know application port numbers in advance.
Reference: http://www.cisco.com/c/dam/en/us/solutions/collateral/enterprise/design-zone-security/tunnel.pdf
AC
Smart tunnel access lets a client TCP-based application use a browser-based VPN connection to access a service. It offers the following advantages to users, compared to plug-ins and the legacy technology, port forwarding:
– Smart tunnel offers better performance than plug-ins.
– Unlike port forwarding, smart tunnel simplifies the user experience by not requiring the user connection of the local application to the local port.
– Unlike port forwarding, smart tunnel does not require users to have administrator privileges.
AD
https://www.cisco.com/c/en/us/td/docs/security/asa/asa91/asdm71/vpn/asdm_71_vpn_config/webvpn-configure-policy-group.html
support OS which can run Web and Java, not all OS can do this..