1 Reply Latest reply: Dec 11, 2017 4:33 AM by chyps RSS

WSUS and ISE integration for Windows desktops

shkimura

Hi experts and team,

 

Is it possible to pull compliance information and check desktop status with like MS windows OS/Hotfix/Patch directory from MS managed WSUS and corporate local WSUS ?

ISE can check latest supported list for OS/AV/AS/application continuously from Posture Updates which is for local compliance check in ISE internal.

https://www.cisco.com/c/en/us/td/docs/security/ise/2-3/admin_guide/b_ise_admin_guide_23/b_ise_admin_guide_23_chapter_011001.html?bookSearch=true#ID285

 

This seems that ISE can do remediation action as following, but I couldn't find the information to specify WSUS server for direct integration.

 

Windows Server Update Services Remediation

https://www.cisco.com/c/en/us/td/docs/security/ise/2-3/admin_guide/b_ise_admin_guide_23/b_ise_admin_guide_23_chapter_0100000.html?bookSearch=true#reference_FE34E315EB9E4D6999A0971625E099C3

 

Windows Update Remediation

https://www.cisco.com/c/en/us/td/docs/security/ise/2-3/admin_guide/b_ise_admin_guide_23/b_ise_admin_guide_23_chapter_0100000.html?bookSearch=true#ID1151

 

Shiegru