Can someone please detail how a HIP profile for missing patches works? I have tried every combination possible and I always get the same result.
My Criteria is as follows:
Patching is Enabled Yes is Installed Checked
Severity - Greater than 2 (Which means 3 or Critical for Microsoft related patches)
Check - Has None
Vendor - Microsoft Corp.
My Gateway HIP Notification rule says:
On Match display bubble "Missing Patches" on Not Match "Patches Good" - this of course is just verbiage for me to know which match condition is hitting.
When I connect with the GP agent the "Patches Good" message pops up, telling me the Not Match rule fired. (or to my logic you do not have missing patches greater than severity 2).
On a fully patched machine this is great, but then I removed a critical patch (verified on technet to have a Critical Severity rating) and re-connected. Same "Patches Good" message.
I re-submitted HIP profile and ran again, same thing so I figured I have the wrong Check logic. I tried Has All and Has Any with the same "Patches Good" message fired.
Now I am at a loss and wondering if I am missing something so I have the following questions:
what information do you see on global protect client application patch-management tab ?
has none, has any and has all is a logic that works :
will controll if the patch you want to exclude you choose has none
you want to match any of the patches you choose any, or for all patches should match you choose all.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!