View Cart
0 Items | Total: US$0.00
Welcome,      Register

You are here

SEC0194 - ISE 1.3 Posture Assessment with AnyConnect Client (Part 3)

Rating: 
5
Average: 5 (1 vote)
Difficulty Level: 
0
Lab Document: 
<Please login to see the content>
The video looks at posture assessment on Cisco ISE 1.3. We will continue from the wired EAP-TLS video and add configuration for Cisco NAC agent, and then later replace it with Cisco AnyConnect ISE posture module. Antivirus installation, and signature definition update checks using ClamWin Antivirus will be performed before allowing a domain user onto the network. Using wired Windows 7, we will step through the posture assessment process, starting with Posture Agent download, and, along the way, try to bring our test machine to a compliant state to gain full network access. 
 
Part 3 of this video shows posture policy configuration, tests posture assessment enforcement, and performs remediation
 
Topic:
  • Authorization Policies
  • Posture Policies
  • Client Provisioning Policies
  • Policy Elements
    • Results (Authorization Profile, dACL, VLAN)
  • Posture Agent Profile
  • AnyConnect Agent Profile and Configuration
  • Cisco NAC Agent (Windows)
  • Cisco AnyConnect Client with ISE Posture Module (Windows)
  • Posture Compliant/Non-Compliant/Unknown States
  • ClamWin Antivirus

Note: AnyConnect ISE Posture Module requires AnyConnect APEX license in addition to ISE APEX license (even without VPN)

About Author

Metha Chiewanichakorn, CCIE#23585 (Ent. Infra, Sec, SP), is a Cisco networking enthusiast with years of experience in the industry. He is currently working as a consulting engineer for a Cisco partner. As a founder of and an instructor at labminutes.com, Metha enjoys learning and challenges himself with new technologies.