https://community.cisco.com/t5/network-security/legacy-operating-systems/m-p/4604418#M1089808 <P>This is not easy or practical to do from FMC. You would need an accurate fingerprint identification of each host on the network, something that can potentially be done with nmap but prone to false positive/negative. Also, it only applies to hosts whose traffic transits the managed firewall(s).</P> <P>This sort of thing is more commonly done with a network access control (NAC) solution such as Cisco ISE using the Posture feature.</P> Wed, 04 May 2022 13:37:05 GMT Marvin Rhoads 2022-05-04T13:37:05Z https://community.cisco.com/t5/network-security/legacy-operating-systems/m-p/4604416#M1089807 <P>FMC Policy to block legacy operating systems from network access. How can I create a policy to block operating systems such as XP, Vista etc... ?</P> Wed, 04 May 2022 13:31:50 GMT https://community.cisco.com/t5/network-security/legacy-operating-systems/m-p/4604416#M1089807 mbenz 2022-05-04T13:31:50Z https://community.cisco.com/t5/network-security/legacy-operating-systems/m-p/4604418#M1089808 <P>This is not easy or practical to do from FMC. You would need an accurate fingerprint identification of each host on the network, something that can potentially be done with nmap but prone to false positive/negative. Also, it only applies to hosts whose traffic transits the managed firewall(s).</P> <P>This sort of thing is more commonly done with a network access control (NAC) solution such as Cisco ISE using the Posture feature.</P> Wed, 04 May 2022 13:37:05 GMT https://community.cisco.com/t5/network-security/legacy-operating-systems/m-p/4604418#M1089808 Marvin Rhoads 2022-05-04T13:37:05Z