cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Announcements
Choose one of the topics below to view our ISE Resources to help you on your journey with ISE

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

1309
Views
0
Helpful
3
Replies
Beginner

ISE Condition Windows with Latest Patch Installed

Hello,

I want to comply all the domain computer with latest windows Patch Installed. How we can create this condition under which catagry as mentioned below?

Thanks.  

3 REPLIES 3
Participant

ISE Condition Windows with Latest Patch Installed

Case Solution:
You can deploy domain computer with latest windows Patch  Installed with Configuring WSUS Remediation.
This example shows how to ensure that all employee computers  with Windows 7 have the latest critical
Patches installed. Windows Server Update Services (WSUS) are  internally managed.

Define a posture remediation action that checks for and  installs the latest Windows 7 patches.

1. Navigate to Policy > Policy Elements > Results,  and expand the Posture folder.

2. Expand the contents of Remediation Actions.

Select Windows Server Update Remediation, and click Add from the right−hand pane menu.

Enter these values, and click Submit:

Attribute Value

Name Install_Win_Critical_Updates

Description Check and Install missing Critical Windows Updates

Remediation Type Manual

Validate Windows Updates using Severity Level

Windows Updates Severity Level Critical

Windows Updates Installation Source Managed Server

Installation Wizard Interface Setting Show UI

Note: If you want to use Cisco rules in order to  validate Windows update, create your posture

Conditions, and define your conditions in Step 2.

2. Click Save when finished.

Note: If a preconfigured condition does not  display under the list of conditions, verify that the appropriate OS has  been selected for both the condition as well as the requirement rule.  Only conditions that are the same or are a subset of the OS selected for  the rule display in the conditions selection list.

Please check below  which may be helpful for you.

http://www.cisco.com/image/gif/paws/116143/116143-config-cise-posture-00.pdf

Highlighted

ISE Condition Windows with Latest Patch Installed

Any way to use SCCM rather than WSUS?

Beginner

Hi. Just wonder if you had

Hi. Just wonder if you have any solution for this ? I had this problem too.