Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
14814
Views
0
Helpful
2
Replies

ISE temporal agent and 'any' AV posture rule

k.clarke
Level 1
Level 1

‎03-26-2018 07:28 AM

HI,

I have a customer requirement to use the ISE 2.3 Temporal Agent and posture check wired guests to ensure they are running 'any' AV. Does anyone know if this is supported, I'm guessing not? From a configuration point of view the Temporal Agent requires the compliance module as 4.x and above however the AV rules are constructed from compliance module 3.x

AV definition cannot be defined in teh Policy Requirements section:

Details on the Temporal Agent can be found in the link below:

Cisco Identity Services Engine Administrator Guide, Release 2.3 - Configure Client Posture Policies [Cisco Identity Ser…

Agent works fine with Windows Firewall check.

Has anyone successfully done this? Is there another way to check for 'any' AV with the Temporal Agent?

Regards,

Keith.

1 person had this problem
0 Helpful
2 Replies 2

devvv85
Level 1
Level 1

‎09-19-2018 08:08 AM

Hi Experts,

 

As mentioned by Keith, I am also having this requirement from the customer. If I create an anti malware condition for 'Any', then Windows defender is also taken into account, which is not required.

Tried disabling the AV services on Windows defender, still machine is compliant

 

Tried to change condition to check definition instead of installation, still result is compliant.

 

As mentioned by Keith, cannot create AV condition because it requires compliance module 3.x or earlier.

 

Appreciate your help on this.

 

Thank you!

0 Helpful

Peter Koltl
Level 7
Level 7

‎05-18-2019 12:19 PM

Compliance Module 4.x uses AM (Anti-Malware) categories rather than AV.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents