06-09-2019 08:22 PM
Hi experts:
My customer wants to check the OS patch for MacOS and windows via anyconnect posture module.
I think posture cannot check the OS patch derictly, posture module need to active the sccm agent or os patch mangement agent for checking OS patch, and ISE just check whether the agent was updated, enabled or installed.
And the remediation for OS patch also need to active os patch agent to remediate.
I'm not sure it's correct or not, For OS patch checking, if have BP, kindly post it.
Thanks a lot for reply.
Best Regards
Solved! Go to Solution.
06-09-2019 11:27 PM
There are several ISE posture resources linked here:
https://community.cisco.com/t5/security-documents/ise-posture/ta-p/3657443
We can check both OS types for patch version although the capabilities vary between Windows and Mac OS as well as for whether you are using the temporal Agent of AnyConnect. Details are in the "ISE Posture Prescriptive Deployment Guide" which is among the resources linked above.
06-09-2019 11:27 PM
There are several ISE posture resources linked here:
https://community.cisco.com/t5/security-documents/ise-posture/ta-p/3657443
We can check both OS types for patch version although the capabilities vary between Windows and Mac OS as well as for whether you are using the temporal Agent of AnyConnect. Details are in the "ISE Posture Prescriptive Deployment Guide" which is among the resources linked above.
06-10-2019 01:20 AM
Thanks a lot for your help.
Have a nice day sir.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide