Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1687
Views
0
Helpful
2
Replies

ISE Posture - Windows Updates "Message Text Only" remediation doesn't trigger non-compliant

fedor.solovev
Spotlight
Spotlight

‎01-21-2021 02:32 PM - edited ‎01-21-2021 02:37 PM

Hello, guys.
Does anyone know should the ISE Posture module trigger non-compliant state if:

- connect via VPN with the ISE Posture module
- there are no last Windows updates installed

- the posture requirement has a condition: pr_WSUSRule

- the posture requirement has a remediation action: Message Text Only

- the final posture state is compliant


Since the last patches are not installed, the expected move is to change the posture status to non-compliant.
It doesn't happen.


I confirm that if this is a remediation from "Windows Server Update Services Remediations" section, the ISE Posture module trigger windows to install missing patches followed by compliant state.

0 Helpful
2 Replies 2

Mike.Cifelli
VIP Alumni
VIP Alumni

‎01-22-2021 05:56 AM

Is it possible the CoA is failing when session is moving from unknown to noncompliant? Are you able to share your ISE authz policies? Do you have separate flows for unknown, compliant, & non-compliant?  What is your AC posture scan summary depicting on a test client, is it for sure missing patches & failing the specific check?

0 Helpful

Marcelo Morais
VIP
VIP

‎01-22-2021 07:23 AM

Hi @fedor.solovev ,

 beyond what @Mike.Cifelli said.

 Please double check the Mandatory x Audit info on the Result Summary (Work Center > Posture > Troubleshoot) > Requirements column of the pr_WSUSRule condition.

0 Helpful
Customers Also Viewed These Support Documents