Greetings,
I have not found an answer searching, so thought I would ask.
They are looking at using ISE to on-board wireless devices. The issue I am running into is checking domain status to redirect to internal network.
Per other documents, we do not use EAP-Fast, and they do not want to use AnyConnect due to licensing.
My issue is I can Posture for the registry key, but already posture for AV definition date and a fail on the domain key would also cause a general fail.
I'm at a loss for a condition to check for domain status that can be used with the Authorization Rules.
Basically, if it's a mobile device, I check MDM for compliance. This works fine
For a workstation, I want to check domain status and AV status to decide on quarantine, internal, or external network.