06-09-2019 08:22 PM
Hi experts:
My customer wants to check the OS patch for MacOS and windows via anyconnect posture module.
I think posture cannot check the OS patch derictly, posture module need to active the sccm agent or os patch mangement agent for checking OS patch, and ISE just check whether the agent was updated, enabled or installed.
And the remediation for OS patch also need to active os patch agent to remediate.
I'm not sure it's correct or not, For OS patch checking, if have BP, kindly post it.
Thanks a lot for reply.
Best Regards
Solved! Go to Solution.
06-09-2019 11:27 PM
There are several ISE posture resources linked here:
https://community.cisco.com/t5/security-documents/ise-posture/ta-p/3657443
We can check both OS types for patch version although the capabilities vary between Windows and Mac OS as well as for whether you are using the temporal Agent of AnyConnect. Details are in the "ISE Posture Prescriptive Deployment Guide" which is among the resources linked above.
06-09-2019 11:27 PM
There are several ISE posture resources linked here:
https://community.cisco.com/t5/security-documents/ise-posture/ta-p/3657443
We can check both OS types for patch version although the capabilities vary between Windows and Mac OS as well as for whether you are using the temporal Agent of AnyConnect. Details are in the "ISE Posture Prescriptive Deployment Guide" which is among the resources linked above.
06-10-2019 01:20 AM
Thanks a lot for your help.
Have a nice day sir.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: