03-14-2019 10:00 PM - edited 02-21-2020 11:03 AM
Hi,
Just wanting some confirmation whether it is possible in ISE 2.x to have an ISE posture check for any anti-virus/anti/malware installed and running on a supported endpoint with AnyConnect ISE Posture module?
The inbuild conditions in ISE can check for AV/AM installed and definition check however dont see any option to see if it is running/enabled... Have tried using an application condition (provision by category) with application state 'Installed' and 'Running' checked, however this just seems to collect application information rather than act as a posture check itself, and doesnt allow a remedation action to be set.
This is for AnyConnect VPN users.
Thanks,
dvan
03-28-2019 09:33 AM - edited 03-28-2019 09:35 AM
Please try the application visibility condition, which is introduced in ISE 2.2 Posture Enhancements. This works with AnyConnect ISE posture module and compliance module so please check the compatibility info at cs.co/ise-compatibility
Also, review ISE Posture Prescriptive Deployment Guide > Application Condition.
05-08-2019 01:39 PM
Did anyone found how to make it work? Thanks,
05-11-2019 10:59 PM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide