cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
15044
Views
0
Helpful
2
Replies

ISE temporal agent and 'any' AV posture rule

k.clarke
Level 1
Level 1

HI,

I have a customer requirement to use the ISE 2.3 Temporal Agent and posture check wired guests to ensure they are running 'any' AV. Does anyone know if this is supported, I'm guessing not? From a configuration point of view the Temporal Agent requires the compliance module as 4.x and above however the AV rules are constructed from compliance module 3.x

AV definition cannot be defined in teh Policy Requirements section:

Details on the Temporal Agent can be found in the link below:

Cisco Identity Services Engine Administrator Guide, Release 2.3 - Configure Client Posture Policies [Cisco Identity Ser…

Agent works fine with Windows Firewall check.

Has anyone successfully done this? Is there another way to check for 'any' AV with the Temporal Agent?

Regards,

Keith.

2 Replies 2

devvv85
Level 1
Level 1

Hi Experts,

 

As mentioned by Keith, I am also having this requirement from the customer. If I create an anti malware condition for 'Any', then Windows defender is also taken into account, which is not required.

Tried disabling the AV services on Windows defender, still machine is compliant

 

Tried to change condition to check definition instead of installation, still result is compliant.

 

As mentioned by Keith, cannot create AV condition because it requires compliance module 3.x or earlier.

 

Appreciate your help on this.

 

Thank you!

Peter Koltl
Level 7
Level 7

Compliance Module 4.x uses AM (Anti-Malware) categories rather than AV.