cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1802
Views
0
Helpful
11
Replies

Cisco ISE 1.2.x with Posture Configuration - Windows Patches

Mafiaboy401
Level 1
Level 1

Hi, Anybody has any experience in integrating Cisco ISE Posture with Microsoft SCCM?

With WSUS this works fine, but with SCCM I don't have any idea how to proceed. Anybody knows what it's included in the predefined rules

pr_WSUSRule and pr_WSUSCheck? I can't find any information in ISE Console or Cisco documentation.

 

Thanks.

1 Accepted Solution

Accepted Solutions

Venkatesh Attuluri
Cisco Employee
Cisco Employee

Once agent performs the posture checks containing the windows hotfix checks, if the administrator configured the Launch Program Posture Remediation , agent will launch the script file which will initiate the windows hotfix updates via SCCM client configuration manager pre-installed/pre-configured on the box.

View solution in original post

11 Replies 11

Venkatesh Attuluri
Cisco Employee
Cisco Employee

Once agent performs the posture checks containing the windows hotfix checks, if the administrator configured the Launch Program Posture Remediation , agent will launch the script file which will initiate the windows hotfix updates via SCCM client configuration manager pre-installed/pre-configured on the box.

I will try this configuration.

 

 

Thanks,

 

 

Hi, Mafiaboy,

Are you using the NAC Agent to posture the workstation ?  I have read somewhere for now the NAC Agent only support WSUS. I have opened a TAC case.  Also, have you tried the configuration mentioned above.  Did it solve your issue ?

Thanks !

Tony

 

Hi tonyp8581,

Did you get any update from TAC? As I am also facing same issue with SCCM , Windows Posture Remedation is not working 

 

Regards

 

 

Hi Gade,

I met Cisco Rep. a couple of weeks ago and said SCCM support will be introduced in a later release.  For now, he had no official date.

If I have more information, I will definitely post it.

Regards !

Tony

 

 

Most probably on ISE 2.0, but not official date yet.

 

Rergards,

 

Erlan

Thanks for the info Erlan,

Tony

 

Hi All,

Now SCCM is supported on ISE 1.4, see the attached screen.

Hi, pemasirid,

In your screen shot, SCCM is clearly shown.  But it's strange, i just went through the Release notes v1.4 and there's no mention of SCCM in the new features section.

I'm curious, do you have v1.4 in production ? If yes, is SCCM working correctly ?

Thanks !

Tony

 

 

Hi Tony,

Seems they forgotten to include in release note and I have raised the same with Cisco, they said they will create document bug on this and may include later.

I did upgrade on lab setup and did some R&D but seems need to know proper procedure and process etc before implement on production.

Thanks

Thanks for the update pemasirid !

I will definitely check it myself.  Cheers !