What exactly does it mean in the Support documentation that Cisco "does not recommend the combined use of HostScan and ISE posture"
I've been a bit dumbfounded by this statement; can we define combining? Does this meaning simulteaneous execution? For clarity, could someone please give an example by contrasting a Combined use scenario vs ideal scenario?
Hi, It's not recommended because they serve the same purpose, determining OS, AV, AS, FW applications running a computer connecting to the network and ensuring compliance. If you were to run both you'd be doubling the administrative effort, having to configure 2 identical posture policies - For example, imagine incorrectly configure a different setting on one policy e.g. ISE, posture succeeds using Hostscan but fails ISE posture.
I think the issue that confuses things is how Cisco interchangeably refers to VPN Posture and Hostscan, as if they are completely synonymous. When checking VPN message history in Anyconnect I see reference to Hostscan so was concerned it was running in parallel with ISE; however I found some documentation online that indicated that after version 3x (I think), Host scan is a separate install....so I went looking at our install for the module name (anyconnect-win-version-posture-predeploy-k9.msi) which is NOT present; ISE only....a good thing it would seem, and I don't see anything in programs and features that indicates both are installed...so about the time I feel confident that the module is not present on my stem, I go poking through my DART logs and find a Any Connect Posture Module Folder with anticipated libcsd.log right along with an AnyConnect ISE Posture log folder. WHAT IS GOING ON. Are we running "combined" Hostscan or not?!?!
If they're going to go out of their way in the documentation to advise NOT combining Hostscan with ISE, they should distinguish between the "hostcan module" and the "VPN posture" function instead of putting HostScan in parenthesis next to every single reference of VPN Posture to confuse those of us that don't have keys to the flippin city.
GeneralWhich Cisco Secure products include access to SecureX?What are the SecureX data retention/privacy policies?What is SSE?How can I unlink my smart account from SSE and link it to a new account?Do I have to use the same SSE region as the SecureX regio...
More people are working remotely, and this increases the risk of security breaches and the difficulty in defending remote workers where they work and securing the devices they use.
Learn about Cisco Remote Secure Worker solutions that verify workers, secu...
GeneralWhich Cisco Secure products include access to SecureX?What are the SecureX data retention/privacy policies?What is SSE?How can I unlink my smart account from SSE and link it to a new account?Do I have to use the same SSE region as the Secur...
On December 8, FireEye reported that it had been compromised in a sophisticated supply chain attack: more specifically through the SolarWinds Orion IT monitoring and management software. The attackers leveraged business software updates in order to distr...