cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
163
Views
1
Helpful
2
Replies

ISE posture checks for either one antimalware software is installed

M1N10N
Level 1
Level 1

Policy Creation for Anti-Malware Compliance

In our environment, we have two types of anti-malware solutions, the requirement is to ensure that each device has at least one of these anti-malware solutions installed, and that their virus definitions are always up to date. How this can be enforced using Cisco ISE posture checks.

Challenge:

When setting up a posture compliance policy to ensure that at least one of the anti-malware solutions is active on endpoint and its virus definitions are current. While it’s possible to set the "OR" condition for installation, but the remediation logic not able to create checking both anti-malware definitions under a single requirement.

2 Replies 2

balaji.bandi
Hall of Fame
Hall of Fame

I have seen and condition most of the use case what we tried for the remediation.

Worth exploring the document see if you can find any information - also what ISE version check the new features added on new version if that is your requirement not have that option on your version of ISE :

https://community.cisco.com/t5/security-knowledge-base/ise-posture-prescriptive-deployment-guide/ta-p/3680273

https://www.ciscolive.com/c/dam/r/ciscolive/emea/docs/2024/pdf/BRKSEC-3077.pdf

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Can't you create multiple requirements and then add them to the posture policy? that should work.