10-03-2018 05:47 AM
I have a customer currently running ISE 2.2 patch 9 in an AnyConnect VPN Solution that used ISE Posturing. They have recently started to look to deploy the latest version of OS X (10.14) and it has been discovered that 10.14 is not in their list for OS X versions. It has also been discovered now that they have not updated their posture in ISE using the posture feed service or update function since January. They have some concerns and questions now over utilizing this service to update their posture in ISE. I was wondering if anyone may be able to assist in answering the questions below.
The first one is there a way to see the difference in the versions that get applied? The customer hasn’t updated using service since January and would like to know the differences in versions.
The next one is if they apply the updated versions and they experience any issues is there a way to roll it back or should this even be a concern? They have concern that if an issue is introduced if there is a way to back out.
Finally they would like to know if there is a best practice on whether to set the service as manual or automatic and if automatic how often should the service look to update?
Thank you in advance for any assistance.
10-03-2018 09:08 AM
Hi,
First of all, both the offline update & automatic update will be having same file.
offline update can be used where If ISE does not have Internet access or not allowed due to security policy.
The following software elements are available at posture feed:
– Cisco predefined checks and rules
– Windows and Mac OS X AV/AS support charts
– Cisco ISE operating system support
For automatic update,you can keep default value(every 2 hours)
10-03-2018 02:33 PM
Thank you Aravind for the response.
After speaking with the customer some more their concern is more towards if there is any roll back procedure for in the event there is an issue introduced from an update. They also want to know if there is anything public facing that would be equivalent of release notes but for any updates that do come out.
10-03-2018 04:02 PM
10-10-2018 12:37 PM
Roll back is not applicable in this case, as it will be having support chart and version of the software’s.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide