hi all,
i have a customer that wants to do posture assessement with the SCCM agent on the workstation without the Anyconnect agent.
i succeeded to integrate the SCCM with the ISE and right after it some objects of MDM appered in the ISE.
my question is:
1) is it possible to do posture assessement without the AnyConnect? it means that the ISE will get only the Compliant status and by that i will create a policy with a result.
2) how the ISE knows which query to send the SCCM to get the result of compliant or not? do i need to configure something from the ISE? lets say i want to check windows updates from the SCCM for the example.
3) do i have to get a SMS_Admins credentials or is it okay to have read-only on the DB itself?
thank you,
tamir
