Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
7040
Views
5
Helpful
3
Replies

Cisco ISE Posture check for Anti-Virus/Anti-Malware installed and running

dvan
Cisco Employee
Cisco Employee

‎03-14-2019 10:00 PM - edited ‎02-21-2020 11:03 AM

Hi,

 

Just wanting some confirmation whether it is possible in ISE 2.x to have an ISE posture check for any anti-virus/anti/malware installed and running on a supported endpoint with AnyConnect ISE Posture module?

 

The inbuild conditions in ISE can check for AV/AM installed and definition check however dont see any option to see if it is running/enabled... Have tried using an application condition (provision by category) with application state 'Installed' and 'Running' checked, however this just seems to collect application information rather than act as a posture check itself, and doesnt allow a remedation action to be set.

 

This is for AnyConnect VPN users.

 

Thanks,

dvan

3 people had this problem
0 Helpful
3 Replies 3

hslai
Cisco Employee
Cisco Employee

‎03-28-2019 09:33 AM - edited ‎03-28-2019 09:35 AM

Please try the application visibility condition, which is introduced in ISE 2.2 Posture Enhancements. This works with AnyConnect ISE posture module and compliance module so please check the compatibility info at cs.co/ise-compatibility

Also, review ISE Posture Prescriptive Deployment Guide > Application Condition.

 

0 Helpful

Dranik
Level 1
Level 1

‎05-08-2019 01:39 PM

Did anyone found how to make it work?  Thanks, 

0 Helpful

hslai
Cisco Employee
Cisco Employee
In response to Dranik

‎05-11-2019 10:59 PM

Screen Shot 2019-05-11 at 10.57.53 PM.png

Customers Also Viewed These Support Documents