https://community.cisco.com/t5/network-access-control/posture-validation-in-audit-mode/m-p/4781935#M580066 <P>Dear Community,</P> <P>Does anybody know how the audit posture conditions are evaluated? Based on my understanding the audit conditions should be used to determine if a condition is good to go before changing it to mandatory.</P> <P>Right now we have 2 mandatory and a bunch of audit conditions, and the report looks like this:</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="SzantaiNorbert_2-1677232886418.png" style="width: 999px;"><img src="https://community.cisco.com/t5/image/serverpage/image-id/177339iEFDFE2A23289F5F3/image-size/large?v=v2&amp;px=999" role="button" title="SzantaiNorbert_2-1677232886418.png" alt="SzantaiNorbert_2-1677232886418.png" /></span></P> <P>And based on that we cannot be sure which condition is failing, which is OK, since all of the audit condition is failed, but the conditions are not even evaluated, they are skipped.</P> <P>ISE version: 3.1P5</P> <P>Regards,</P> <P>Norbert</P> <P>&nbsp;</P> <P>&nbsp;</P> Fri, 24 Feb 2023 10:02:42 GMT SzantaiNorbert 2023-02-24T10:02:42Z https://community.cisco.com/t5/network-access-control/posture-validation-in-audit-mode/m-p/4781935#M580066 <P>Dear Community,</P> <P>Does anybody know how the audit posture conditions are evaluated? Based on my understanding the audit conditions should be used to determine if a condition is good to go before changing it to mandatory.</P> <P>Right now we have 2 mandatory and a bunch of audit conditions, and the report looks like this:</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="SzantaiNorbert_2-1677232886418.png" style="width: 999px;"><img src="https://community.cisco.com/t5/image/serverpage/image-id/177339iEFDFE2A23289F5F3/image-size/large?v=v2&amp;px=999" role="button" title="SzantaiNorbert_2-1677232886418.png" alt="SzantaiNorbert_2-1677232886418.png" /></span></P> <P>And based on that we cannot be sure which condition is failing, which is OK, since all of the audit condition is failed, but the conditions are not even evaluated, they are skipped.</P> <P>ISE version: 3.1P5</P> <P>Regards,</P> <P>Norbert</P> <P>&nbsp;</P> <P>&nbsp;</P> Fri, 24 Feb 2023 10:02:42 GMT https://community.cisco.com/t5/network-access-control/posture-validation-in-audit-mode/m-p/4781935#M580066 SzantaiNorbert 2023-02-24T10:02:42Z https://community.cisco.com/t5/network-access-control/posture-validation-in-audit-mode/m-p/4782710#M580088 <P>Is there a Mandatory condition that is failing but not showing?<BR />"<SPAN>Posture checks are evaluated in the order of mandatory, optional, and audit. If a mandatory check fails, the related audit checks will not be carried out."</SPAN></P> Sat, 25 Feb 2023 17:28:40 GMT https://community.cisco.com/t5/network-access-control/posture-validation-in-audit-mode/m-p/4782710#M580088 Damien Miller 2023-02-25T17:28:40Z https://community.cisco.com/t5/network-access-control/posture-validation-in-audit-mode/m-p/4782722#M580089 <P>Unfortunately not, this is the full posture report. We have only 2 condition in mandatory, I10 and I11.</P> <P>Another report:</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="SzantaiNorbert_1-1677350326784.png" style="width: 400px;"><img src="https://community.cisco.com/t5/image/serverpage/image-id/177586i33B7FCC9CCD8C3B6/image-size/medium?v=v2&amp;px=400" role="button" title="SzantaiNorbert_1-1677350326784.png" alt="SzantaiNorbert_1-1677350326784.png" /></span></P> <P>&nbsp;</P> <P>And in that you can see that the posture status of the client is compliant, which means that all of the mandatory conditions were passed, but the audit conditions are marked as failed but they are skipped again.&nbsp;</P> <P>&nbsp;</P> <P>&nbsp;</P> Sat, 25 Feb 2023 18:39:11 GMT https://community.cisco.com/t5/network-access-control/posture-validation-in-audit-mode/m-p/4782722#M580089 SzantaiNorbert 2023-02-25T18:39:11Z