Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1829
Views
13
Helpful
3
Replies

How is posture reassessment triggered

Go to solution
SMD28316
Level 1
Level 1

‎02-19-2022 10:12 PM

I am trying to understand what triggers posture reassessment, in my lab I tested refreshing GPO with gpupdate /force command and the anyconnect system scan restarted, this was reproduced on some computers but not all, I wonder what triggers this and how can I control it .

1 Accepted Solution

Accepted Solutions

Go to solution
Mike.Cifelli
VIP Alumni
VIP Alumni

‎02-21-2022 08:57 AM

-Also, take a look at this to see general reasons that trigger the discovery process: https://www.cisco.com/c/en/us/support/docs/security/identity-services-engine/215419-ise-session-management-and-posture.html#anc16

ISE posture module designed to monitor a limited amount of events on the endpoint to trigger a discovery process. List of events which trigger discovery:

  • Initial ISE posture module installation.
  • User login.
  • Power events.
  • Interface status change.
  • OS resume after sleep.
  • Default Gateway (DG) change. 
     

     

  • New dot1x authentication, PC unlock, IP address change are not detected by the ISE posture module.

View solution in original post

3 Replies 3

Go to solution
marce1000
VIP
VIP

‎02-19-2022 11:37 PM

 

 - FYI : https://www.cisco.com/c/en/us/td/docs/security/ise/2-2/admin_guide/b_ise_admin_guide_22/b_ise_admin_guide_22_chapter_010111.html#task_32E33C6631054F32983F532D4A2383CE

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '
0 Helpful

Go to solution
Mike.Cifelli
VIP Alumni
VIP Alumni

‎02-21-2022 08:57 AM

-Also, take a look at this to see general reasons that trigger the discovery process: https://www.cisco.com/c/en/us/support/docs/security/identity-services-engine/215419-ise-session-management-and-posture.html#anc16

ISE posture module designed to monitor a limited amount of events on the endpoint to trigger a discovery process. List of events which trigger discovery:

  • Initial ISE posture module installation.
  • User login.
  • Power events.
  • Interface status change.
  • OS resume after sleep.
  • Default Gateway (DG) change. 
     

     

  • New dot1x authentication, PC unlock, IP address change are not detected by the ISE posture module.

Go to solution
thomas
Cisco Employee
Cisco Employee

‎03-06-2022 08:49 PM

Consider watching

Security Compliance using ISE Posture
16:52 Posture Deployment Options
18:20 Posture Flow
19:45 Demo: AnyConnect Posture with Windows 10
34:02 Demo: AnyConnect Stealth
37:29 Demo: AnyConnect Temporal
42:04 Agentless Posture Flow
43:44 Demo: Agentless Posture

 

or watch the Posture Configuration Series

Customers Also Viewed These Support Documents