1 Reply Latest reply: Oct 5, 2017 11:54 AM by kthiruve RSS

Passive-ressessment issue

sci_horvatha

Hi,

Tried to implement 1 day Posture lease time with 4 hours PrA.

If I switch on Reassessment Enforcement, and re-connect  a Compliant machine again to net,

it is force a posture check every time.

 

At ISE posture logs I see a Compliant entry ("Bypass posture since the endpoint is compliant" ),

but immediately afterwards I see a

PRA INFO: PRA is starting

and after this the client preforms a complete re-check.

 

Why?

  • 1. Re: Passive-ressessment issue
    kthiruve

    Hi.

     

    Please make sure the you have a authz policy with condition that includes session: Agent-request-type = Periodic reassessment.

    Periodic reassessment requires machine to be compliant and also choose the appropriate option when configuring Periodic reassessment

    from Administration>System>Setting>Posture>Reassessment, choose the enforcement type continue.

     

    Thanks

    Krishnan