Solved: Re: ISE windows Patch management Query /Alternative suggestion

Ajaykumar · ‎06-06-2019

Hello Team ,

For windows Patch management , enabling the policy to check whether the Critical Patches are available on the desktops and are up to date or not . this is not working as expected since it is relying on the SCCM agent information. This mechanism at times does not work properly as many times SCCM agent doesn’t populate the information about patches availability on the desktops.

need to know if we have some alternate way or mechanism to overcome this issue (relying on SCCM agent info).

Looking forward to your response/Suggestions .

Thanks ,

Ajay

Nidhi · ‎06-17-2019

Posture check for patch management depends on what is shown in the SCCM client.

the other flow could be to integrate SCCM as MDM and check for compliance.

the details of which can be found here - https://community.cisco.com/t5/security-documents/how-to-integrate-cisco-ise-with-microsoft-sccm-for-patch/ta-p/3725035

Thanks,

Nidhi

View solution in original post

Nidhi · ‎06-17-2019

Posture check for patch management depends on what is shown in the SCCM client.

the other flow could be to integrate SCCM as MDM and check for compliance.

the details of which can be found here - https://community.cisco.com/t5/security-documents/how-to-integrate-cisco-ise-with-microsoft-sccm-for-patch/ta-p/3725035

Thanks,

Nidhi