Cisco Host Scan interoperability with WSUS

Unanswered Question
Aug 19th, 2010
User Badges:

Hi,

we want to implement through the Cisco Secure Desktop Manager, an endpoint check about the os patching.

We notice that is possible to check from the DAP to check the os update.

Is it possible to query the microsoft WSUS service in order to check the endpoint os version to correct patch?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Paul Carco Sat, 09/04/2010 - 10:15
User Badges:

Yes you can do this using an 'Logical Expression'  within your DAP configuration



Checking for a Hotfix on the User PC

This example checks for a specific hotfix. If a user does not have the hotfix on their PC, a message that it is not installed displays.

(not CheckAndMsg(EVAL(endpoint.os.windows.hotfix["KB923414"],"EQ","true"),nil,"The 
required hotfix is not installed on your PC.")) 
 

or you could define it this way (which makes more sense):

(CheckAndMsg(EVAL(endpoint.os.windows.hotfix["KB923414"],"NE","true"),"The required hotfix 
is not installed on your PC.",nil)) 
 

You can build the expression in this example because the debug dap trace returns:

endpoint.os.windows.hotfix["KB923414"] = "true"; 


-- This is from the ASDM online Help..  
Best regards,
Paul

Actions

This Discussion