Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
626
Views
0
Helpful
1
Replies

Client Provisioning Policy

Ali
Level 4
Level 4

‎02-25-2018 10:59 PM - edited ‎02-21-2020 10:46 AM

Hello Community,

 

I am New to ISE 2.1 and getting confused while understanding Posture policy

why do we need to define CPP Policy separate.

we define posture conditions under "Policy Elements > Conditions  > Posture"

and then Action items under   "Policy Elements > Results  > Posture"

I think we call the above condition and results which we created under Posture Policy - Correct me if I am wrong here

then what is the use of CPP ?

 

Suggestions would be very helpful.

Thanks

 

Labels:
0 Helpful
1 Reply 1

Ben Walters
Level 3
Level 3

‎02-26-2018 06:25 AM - edited ‎02-26-2018 06:44 AM

Here is the basic difference between posture policies and client provisioning.

 

Posture: These are policies that are related to any sort of program/files/updates/etc. that exist on the client.  

 

Client Provisioning: These policies are really only related to Cisco AnyConnect or posture modules from ISE.

 

For example you may have a posture policy to check AV status, and if the endpoint AV is out of date you might put it in a VLAN where it can only hit the AV update server. Once the AV is up to date the endpoint is allowed normal network access. Now you have a client provisioning policy to push out the XML file for the AnyConnect corporate VPN connection, it sees that the endpoint doesn't have the correct XML file and now the client gets the updated XML from ISE.

 

Hopefully this gives some clarification between the 2 policies.  

0 Helpful
Customers Also Viewed These Support Documents