07-23-2025 05:27 AM
Hi All
I have created two different posture policies for our corporate organizational units/departments, as some environments are riskier and I wanted to minimize potential disruption. In the first policy, under the "Other Conditions" column, I specified FinanceOU, and set all the conditions in the "Requirements" field to Audit mode. Below this policy, I added another policy that applies to all remaining departments, and its conditions are set to Mandatory.
However, when reviewing the logs, I noticed that devices from the Finance department are matching both posture policies. I initially thought the posture policy would behave like ACLs, processing from top to bottom and stopping at the first match. What did I miss, and how can I fix this?
Thanks
07-23-2025 05:34 AM
Posture is run after the user is authc, as a condition of authz.
It is not run always and for all devices.
MHM
07-23-2025 05:41 AM
@MHM Cisco World Thank you for your reply. I got your point. After authentication, it comes to authorization, so how can we determine which posture policy will be applied for each department?