I've noticed the NAC is not receiving some of the critical Windows vulnerabilities in April's Security Bulletin. The latest one I have is MS10-020, but what about 025, 026, and 027? Is there a reason why Cisco does not create the necessary rules for these vulnerabilities? These rules are listed as critical severity.
These patches were released by Microsoft over three weeks ago. Most customers I support begin patching usually a week afterwards and implement these checks in NAC a week or two after the deployment.
If you can look into this it would be appreciated. I really need to understand under what circumstances Cisco creates a rule for a specific hotfix. I realize they only address critical, but there are some critical patches listed in this thread which have not been addressed.
We have configured the outside and inside interfaces with official IPv6 addresses and set a default route on the outside interface to our router. We have also defined a rule, which also gets hits, to permit tcp from the inside interface to any6.
In Syslog I also se...