04-29-2019 12:29 PM
Team,
I have a few questions regarding setting up Posture remediation actions in ISE:
Thanks,
-Dan
Solved! Go to Solution.
04-30-2019 07:21 AM
04-30-2019 07:21 AM
04-30-2019 02:34 PM
Following are answers to your questions:
1. You could use a script that would pull a file down and place it wherever you want. But that script would have to be prepositioned on the machines. In your remediation action, you would use launch program and specify your script information. Or it could just be a command-line that you launch to copy from a shared folder (i.e. "copy \\<server ip>\folder\filename C:\folder\filename").
2. Yes, you can stop, start, restart services using the launch program remediation action. The command would be "net start <servicename>" to start a service.
3. I assume you mean that you want to present a dialog box to the user but still allow them access to the network. If that is correct, then you would have to set that requirement to "optional." The problem is that for "optional" and "audit", all posture compliance shows as passed/compliant. You would have to run reports to see which endpoints failed on certain checks. Another option would be to process the Syslog events for "Posture and Client Provisioning Audit". You would have to script the processing or create a parser in your Syslog server tool.
HTH,
Colby
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: