Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
740
Views
0
Helpful
3
Replies

Posture Before User Login

ryanbess
Level 1
Level 1

‎02-08-2024 06:15 PM

Hi all,

Is it possible for posturing to happen when a user is not logged in?  A good use case would be to ensure all workstation have an up to date patch that addresses a Zero day.  If the Zero day patch is not found on a workstation then ISE could quarantine it.  It seems silly to not have this feature and to require a computer to have a user logged into it before posture assessment.  In my googling I've found older posts that say posture can ONLY be ran after a user logs in and I'm hoping that is still not the case. 

Labels:
0 Helpful
3 Replies 3

hslai
Cisco Employee
Cisco Employee

‎02-12-2024 05:24 PM

@ryanbess Ideally such task is done by a patch or endpoint management system. If you are unable to them, then you may try Agentless Posture.

0 Helpful

ryanbess
Level 1
Level 1
In response to hslai

‎02-12-2024 07:09 PM

Hi @hslai are you confirming that it is unable to provide this data at all or must a user be logged in for the agent to report this data?  We want to get away from agent less.  This is where forescout seems to excel.  It can return this level of data and provides software inventory for all OS’s.  I understand tools have limitations, trying to learn if this is just one of those limitations.

0 Helpful

hslai
Cisco Employee
Cisco Employee
In response to ryanbess

‎02-12-2024 09:35 PM

@ryanbess ISE agentless posture does include application inventory and hardware inventory. The regular ISE posture agent is by design to interact with the logged-in user. We do have a similar feature request in our backlog.

0 Helpful
Customers Also Viewed These Support Documents