cancel
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
cancel
1656
Views
5
Helpful
3
Replies

Windows Os Architecture(32bit/64bit) profiling by Cisco ISE Problem.

s.maxina1
Level 1
Level 1

Hi All.

I want to classify my Clients as Win7 32bit and Win7 64 bit( I want to install some Apps based on os architectures via ISE Posture File remediation and I know this procedure) in Cisco ISE v2.4. Ho can I do that classification? already, I have configured an authorization rule based on  Attribute "Session OS-Architecture:32bit/64bit", but it doesn't work(only profile Microsoft-workstation).

Thanks so much,

Sina HR.

2 Accepted Solutions

Accepted Solutions

Thanks Colby.lemaire.

when i used "Sessein:OS Architecture" Condition in "Client Provisioning policy", it does not work. but, when I used "Sessein:OS Architecture" Condition in "posture policy", it works and choose rule based on os Architecture condition. interesting.

View solution in original post

Client Provisioning policy is used only to provision the Anyconnect posture agent or to push out supplicant configurations for BYOD.  If you want to push files out to a machine, that would be under the Posture Policy.  You check to see if the file exists and if not, have a file remediation action.

View solution in original post

3 Replies 3

Colby LeMaire
VIP Alumni
VIP Alumni

First thought is that ISE is not meant to be a software distribution or patch management system.  I would highly recommend looking into something like SCCM to accomplish what you are looking for.

With that said, if you still want to be able to profile the endpoints based on OS details, you will probably need to enable the Active Directory probe and ISE will get the information about the client from AD.  But it will probably not be 100% which is why I wouldn't rely on ISE for pushing files out.

Thanks Colby.lemaire.

when i used "Sessein:OS Architecture" Condition in "Client Provisioning policy", it does not work. but, when I used "Sessein:OS Architecture" Condition in "posture policy", it works and choose rule based on os Architecture condition. interesting.

Client Provisioning policy is used only to provision the Anyconnect posture agent or to push out supplicant configurations for BYOD.  If you want to push files out to a machine, that would be under the Posture Policy.  You check to see if the file exists and if not, have a file remediation action.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: