Case Solution:
You can deploy domain computer with latest windows Patch Installed with Configuring WSUS Remediation.
This example shows how to ensure that all employee computers with Windows 7 have the latest critical
Patches installed. Windows Server Update Services (WSUS) are internally managed.
Define a posture remediation action that checks for and installs the latest Windows 7 patches.
1. Navigate to Policy > Policy Elements > Results, and expand the Posture folder.
2. Expand the contents of Remediation Actions.
Select Windows Server Update Remediation, and click Add from the right−hand pane menu.
Enter these values, and click Submit:
Attribute Value
Name Install_Win_Critical_Updates
Description Check and Install missing Critical Windows Updates
Remediation Type Manual
Validate Windows Updates using Severity Level
Windows Updates Severity Level Critical
Windows Updates Installation Source Managed Server
Installation Wizard Interface Setting Show UI
Note: If you want to use Cisco rules in order to validate Windows update, create your posture
Conditions, and define your conditions in Step 2.
2. Click Save when finished.
Note: If a preconfigured condition does not display under the list of conditions, verify that the appropriate OS has been selected for both the condition as well as the requirement rule. Only conditions that are the same or are a subset of the OS selected for the rule display in the conditions selection list.
Please check below which may be helpful for you.
http://www.cisco.com/image/gif/paws/116143/116143-config-cise-posture-00.pdf
