Cisco is warning that this week’s Patch Tuesday from Microsoft deprecates an authentication function and might break some Identity Services Engine (ISE) functions.
In a field notice, the networking giant published a workaround for the issue, which affects branch 2 and 3 of the software.
Wired, wireless and VPN deployments could all be affected.
“ISE for mobile device management might no longer be able to connect and obtain compliance information from the Microsoft Endpoint Configuration Manager (MECM) after the March 14, 2023 Microsoft security patch is installed”, Cisco said.
The field notice states that ISE uses a Windows management instrumentation query to get the registration and compliance status of endpoints from the MECM server.
The upcoming Microsoft patch “will deprecate the low level authentication that is required by Cisco ISE."
"For MDM [mobile device management] solution deployments only, this causes the connection to the MECM server to fail and compliance information will not be obtained," Cisco said.
“ISE posture functionality with the Cisco AnyConnect secure mobility client is not affected by the issue described in this field notice."
Cisco said the only option for the time being is for users to disable the March 14 update until the hotfix current under preparation is available.
