
ISE automatic posture remediation of anti-malware

mnkojima
Level 1

Hello

We are about to start an ISE posture implementation and I would like to understand automatic remediation of our anti-malware.

In ISE, we just need to set the remediation action and that is it? How will the client know how to download and install the anti-malware?

Thank you

Marcos

Accepted Solutions

Rodrigo Diaz
Cisco Employee

Hello @mnkojima, the remediation on ISE when it comes to anti-malware can be done automatically or manually, as the following image shows.

RodrigoDiaz_0-1679695450168.png

The way it works: if you choose automatic, this is going to use the OPSWAT framework that the ISE posture module uses when performing posture, specifically a library named OESIS. Through this framework, OPSWAT is going to upgrade the anti-malware automatically. If you choose to remediate manually, the user will need to know how to perform the upgrade of the anti-malware that is installed on his machine. Regardless of the method that you select, during the remediation stage you need to give this machine access to the specific servers/connections needed to do the upgrades that are required in order to become compliant. Please refer to https://www.cisco.com/c/en/us/td/docs/security/ise/3-1/admin_guide/b_ise_admin_3_1/b_ISE_admin_31_compliance.html#concept_1B18C2D8101A41B7AD95EA59F4D8D8F7, where this is described.

RodrigoDiaz_1-1679696124598.png

Let me know if that helped you.

2 Replies

Thank you very much, Rodrigo.