Hi,
Just wanting some confirmation whether it is possible in ISE 2.x to have an ISE posture check for any anti-virus/anti/malware installed and running on a supported endpoint with AnyConnect ISE Posture module?
The inbuild conditions in ISE can check for AV/AM installed and definition check however dont see any option to see if it is running/enabled... Have tried using an application condition (provision by category) with application state 'Installed' and 'Running' checked, however this just seems to collect application information rather than act as a posture check itself, and doesnt allow a remedation action to be set.
This is for AnyConnect VPN users.
Thanks,
dvan
