We are in the ISE PoC with v2.1 and are facing issue with regards to the posture remediation. The requirement is the remediation case of updating Symantec AV (if outdated) and install the same in case not there on client system. The configuration is as below:
Client provisioning to install any connect if client pc is in unknown state Posture policy to install Symantec antivirus to client pc If AV is installed then it should be updated if it is not updated then client pc will get quarantine rule and client have update the antivirus first But we when try to update the antivirus we get an error message that the remediation we are trying to do is access denied because of privilege issue.
We have open a TAC case SR 681199978 and the TAC has mentioned that this setup is not supported with OPSWAT at the moment with the current AV version due to the limitations imposed by Symantec.
The above setup is working fine with competition and they have demonstrated the same.
Your TAC case has been escalated to our product team and it did seems the current mechanism relying on Symantec LiveUpdate solely. Please continue working with Cisco TAC and our ESC team. If you need to raise an enhancement, please reach out to our product management team.