ISE Posture
Example Conditions Ensure Windows Firewall is enabled Check for attached USB devices Anti-malware installation Critical Patch installation Application installation Note: Anyconnect package on ASA/FTD contains ISE Posture module, but need be enabled in Group Policy to push it to user's PC along with Anyconnect VPN core module. Example: ASA group-policy ISE_VPN internal group-policy ISE_VPN attributes dns-server value 172.16.1.10 vpn-tunnel-protocol ssl-client webvpn anyconnect modules value iseposture anyconnect profiles value Test-Profile type user Example: FTD 2. When user PC has no AnyConnect installed, user connects to remote VPN URL, after login, the user has link to download Anyconnect VPN core module. After AC installation, launch and login AC, when Group Policy has ISE posture module is enabled, the module will be download and installed. Then "discover" process is started. 2.1 When enroll.cisco.com is allowed on the tunnel, compliance module downlo