guys pls check the screenshot attached of an ISE patch condition (Win10-Patch Condition.jpg).Does it means ISE posture check whether Windows OS critical patches are up-to-date or BigFix client agent is up-to-date?
I had applied this patch condition...
I am using Anyconnect VPN in ASA. ASA is done radius AAA to ISE and then to AD.
how can ASA assign different group policy in ASA based on the AD user group. Intention is to assign different IP pool in ASA based on the AD user group (user connecting v...
I have integrated Cisco ISE pxGrid with Cisco FMC. Now, how to send few IP/MAC from Cisco ISE radius authentications to FMC so that the FTD firewall will permit only those IP in the access policy
how to integrate cisco ISE with BigFix Patch management server. the goal is when a windows endpoint connects to ISE, ISE shd check bigfix patch server whether the endpoint is latest updated.If updated ISE posture permits the endpoint to network.
thank you @Azizi123 commands looks helpful, but how to do Posture from ISE with these commands other powershell script.Powershell might be disabled in most systems.
802.1x is an authentication protocol only. it has no relation with SXP.
ISE uses Trustsec/SXP service to inform switches on the SGT tags. Check below doc - https://www.lookingpoint.com/blog/cisco-ise-trustsec-propagation
ISE has many probes for profiling, bet one is radius probe. All the probes are mentioned here - https://community.cisco.com/t5/security-knowledge-base/ise-profiling-design-guide/ta-p/3739456#toc-hId-1115939359You can use http probe, it gives few good...