01-26-2018 12:45 PM - edited 03-08-2019 05:46 PM
is there any way to know or scan a network where my computers resides and know if a computer is not running AMP for Endpoint and install it??
01-27-2018 02:49 AM
One option is use ISE posture checking and client provisioning.
Some AMP customers use other methods, including Active Directory policies or the AnyConnect AMP enabler module.
01-27-2018 06:04 AM
I agree - AD GPOs or some sort of network access control that checks posture is the best way.
I have used ISE for just this quite nicely with a customer. It's part of a much larger set of things ISE can do and does require Base + Apex licenses.
The best solution for you depends a lot on what your infrastructure currently looks like - how many computers, locations etc.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide