Техническая Инструкция для Cisco Cisco Identity Services Engine Software

Contributed by Michal Garcarz, Cisco TAC Engineer.
Aug 03, 2015

Introduction
Prerequisites
     Requirements
     Components Used
Configure
     Network Diagram
     Microsoft WSUS
     ASA
     ISE
        Posture Remediation for WSUS
        Posture Requirement for WSUS
        AnyConnect Profile
        Client Provisioning Rules
        Authorization Profiles
        Authorization Rules
Verify
     PC with Updated GPO Policies
     Approve a Critical Update on the WSUS
     Check the PC Status on the WSUS
     VPN Session Established
     Posture Module Receives Policies from the ISE and Performs Remediation
     Full Network Access
Troubleshoot
Important Notes
     Option Details for WSUS Remediation
     Windows Update Service
     SCCM Integration
Related Information

This document describes how to configure the Cisco Identity Services Engine (ISE) posture functionality
when it is integrated with the Microsoft Windows Server Update Services (WSUS).

: When you access the network, you are redirected to the ISE for Cisco AnyConnect Secure Mobility

Client Version 4.1 provisioning with a posture module, which checks the compliance status on the WSUS and
installs the necessary updates in order for the station to be compliant. Once the station is reported as
compliant, the ISE allows for full network access.