Security

last person joined: 23 hours ago 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

ClearPass OnGuard - checking Windows patches

This thread has been viewed 5 times

  • 1.  ClearPass OnGuard - checking Windows patches

    Posted Nov 08, 2017 08:24 AM

    Hi

     

    My client wants to check with OnGuard if windows patches are up-to-date but with some period back for example 2-3 months, so he shouldn't go to quarantine at once when he hasn't installed yet newest patches available. 

    In this moment we are using Windows Security Health Validator and we have turned on Security Updates and Important and above. 

    The result is such that when host computer have got info about new patches from windows update it automatically goes to quarantine. 

    We would like to give client some time to update his computer, not automatically send to quarantine

     

    Any idea how to achive this ?

     

    best regards

     

    Karol

     



  • 2.  RE: ClearPass OnGuard - checking Windows patches

    Posted Feb 22, 2018 04:55 PM

    Also am looking for info on how to accomplish this.



  • 3.  RE: ClearPass OnGuard - checking Windows patches

    Posted Jul 06, 2018 09:13 AM

    Allow the application service windows-updates in the quarantine role as part of a firewall policy. This would allow the clients to still access windows updates from quarantine to get in compliance.



  • 4.  RE: ClearPass OnGuard - checking Windows patches

    Posted Jul 06, 2018 10:10 AM

    Hi

     

    Thanks for suggestion, I will discuss it with my client

     

    regards

     

    Karol