Anybody knows how to configure Cisco ISE Posture Policy to check windows Service Pack? For example, we need to create a policy to check if machine has a Antivirus and the last service pack installed. The policy for antivirus it's simple, but we don't know how to configure for Service Pack check.
For those specifc examples, no. They are pc_ = pre configured from Cisco.
If you want to modify them, you will need to adjust the Value to match what you need.
As always, remember that Registry Valures are CasE SenSITIve. :-)
I find it best to export the reg key area I need and copy-paste leaving out the " Quotation marks"
Policy > Policy Elements > Condidtions > Posture > Registry Condition
Use those or duplicate them and modify as you need.