Posture Assessment

Overview

Posture assessment checks device health and compliance:

  • Antivirus status

  • Patch level

  • Disk encryption

  • Required software

Workflow

Client connects → Authenticate → Posture check →
  Compliant → Full access
  Non-compliant → Remediation VLAN

Posture Conditions

  • Anti-Malware - AV installed and updated

  • Patch Management - OS patches current

  • Disk Encryption - BitLocker/FileVault enabled

  • Application - Required apps installed

Configuration

  1. Install AnyConnect Posture Module on clients

  2. Configure Posture Policies in ISE

  3. Create remediation profiles

  4. Add posture conditions to authorization

Continuous Monitoring

Enable periodic reassessment:

  • Reassessment interval

  • Grace period for remediation

  • Automatic CoA on compliance change