cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1876
Views
0
Helpful
2
Replies

Cisco AnyConnect and ISE Posture

john.dejesus
Level 1
Level 1

I have a scenario where in a corporate user connects to vpn and will go through posture check via ISE. Now if the user machine goes to compliant state, and intentionally disable/uninstall (e.g. windows firewall) can ISE detect this in real time and automatically re-scan? So if it detected that the firewall has been removed or disabled, ISE can issue a CoA push so that it will go to non-compliant state.

 

I tested this in my home lab and I can't make it work (see attached screenshot). Not sure which settings to tune in ISE. I can't find any documentation if this scenario is supported or not.

2 Accepted Solutions

Accepted Solutions

hslai
Cisco Employee
Cisco Employee

poongarg is correct that your best bet is to use PRA as ISE Posture does not trigger real-time detection of such activities.

View solution in original post

2 Replies 2

hslai
Cisco Employee
Cisco Employee

poongarg is correct that your best bet is to use PRA as ISE Posture does not trigger real-time detection of such activities.