Solved: Re: posture checking and software inventory

Tze Tai Mak · ‎09-29-2016

Dear all,

My customer is looking at using ISE for posture checking as well as software inventory (collecting the OS, patch, installed software information) to check if there is any unauthorized installed software and running green application.

For posture checking, how could ISE posture checking gets the list of windows patches missing and enforce for update (by WSUS?)?

I check that NAC profiler can perform some data search checking http://www.cisco.com/c/en/us/td/docs/security/nac/profiler/configuration_guide/311/Profiler311I-C/p_Util_tab31.html#wp1066923 and I also see that we can use powershell to check software inventory https://blogs.technet.microsoft.com/heyscriptingguy/2013/11/15/use-powershell-to-find-installed-software/

Do we have any ecosystem partner that can integrate with ISE and import software inventory information to ISE?

https://developer.cisco.com/site/identity-services-engine/overview/tech-overview.gsp

Tommy

kthiruve · ‎09-29-2016

HI Tomak,

You can use WSUS or SCCM for later Microsoft server platforms.

Please see detailed information here. Go to Cisco ISE --> posture and compliance section.

ISE Design & Integration Guides

Thanks

Krishnan

View solution in original post

kthiruve · ‎09-29-2016