06-03-2020 01:08 PM
Hello All,
ISE: v2.3.0.298 Patch 3
We are going to be moving from Symantec AV to CrowdStrike AV. I believe the product is called Falcon and it's currently on Version 5.
Looking through the Posture Conditions in ISE, I only see options for:
- ANY
- Falcon v2.x
- Falcon v3.x
Does my ISE version have anything to do with me not seeing Falcon v5.x ?
Thanks in Advance,
Matt
Solved! Go to Solution.
06-05-2020 01:29 PM
06-04-2020 05:32 AM
06-05-2020 07:15 AM
Hi @Matthew Martin ,
AV is legacy (used in Compliance Module 3.x or earlier). Instead, use Anti-Malware. Your version (and others) is available.
06-05-2020 08:24 AM
06-05-2020 10:40 AM
So I created a new Posture Policy that checks for the CrowdStrike Anti-malware. I deleted my device from Context Visibility > Endpoints to force it to Reposture since it posture checks every 1 Day. When I reconnected to VPN I'm getting the System Scan Remediation window that's telling me that I don't have CrowdStrike installed.
Any ideas? It's definitely installed.
I created the Posture Requirement so that the device can have either Symantec OR CrowdStrike. It worked while I still had Symantec installed. Then after I uninstalled Symantec and installed CrowdStrike, Posture check now fails.
Thanks,
Matt
06-05-2020 01:29 PM
06-05-2020 11:09 PM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide