Skip to content
Log In

Forescout Network Device Management Security Technical Implementation Guide

Rules, Groups, and Values defined within the XCCDF Benchmark

  • The Forescout must configure a remote syslog where audit records are stored on a centralized logging target that is different from the system being audited.

    Information stored in one location is vulnerable to accidental or incidental deletion or alteration. Off-loading is a common process in information systems with limited audit storage capacity.
    Rule Low Severity
    Show

  • SRG-APP-000373-NDM-000298

    Group
    Show

  • SRG-APP-000374-NDM-000299

    Group
    Show

  • Forescout must be configured to use Coordinated Universal Time (UTC).

    If time stamps are not consistently applied and there is no common time reference, it is difficult to perform forensic analysis. Time stamps generated by the application include date and time. Tim...
    Rule Medium Severity
    Show

  • SRG-APP-000378-NDM-000302

    Group
    Show

  • Forescout must prohibit installation of software without explicit privileged permission by only authorized individuals.

    Allowing anyone to install software, without explicit privileges, creates the risk that untested or potentially malicious software will be installed on the system. This requirement applies to code ...
    Rule Medium Severity
    Show

  • SRG-APP-000380-NDM-000304

    Group
    Show

  • SRG-APP-000381-NDM-000305

    Group
    Show

  • Forescout must audit the enforcement actions used to restrict access associated with changes to the device.

    Without auditing the enforcement of access restrictions against changes to the device configuration, it will be difficult to identify attempted attacks, and an audit trail will not be available for...
    Rule Low Severity
    Show

  • SRG-APP-000131-NDM-000243

    Group
    Show

  • Forescout must prevent the installation of patches, service packs, plug-ins, or modules without verification the update has been digitally signed using a certificate that is recognized and approved by the organization.

    Changes to any software components can have significant effects on the overall security of the network device. Verifying software components have been digitally signed using a certificate that is r...
    Rule Low Severity
    Show

  • SRG-APP-000133-NDM-000244

    Group
    Show

  • Forescout must limit privileges to change the modules and OSs resident within software libraries.

    Changes to any software components of the network device can have significant effects on the overall security of the network. Therefore, only qualified and authorized individuals must be allowed ad...
    Rule Medium Severity
    Show

  • SRG-APP-000516-NDM-000335

    Group
    Show

  • SRG-APP-000516-NDM-000336

    Group
    Show

  • Forescout must be configured to use an authentication server for the purpose of authenticating users prior to granting administrative access.

    Centralized management of authentication settings increases the security of remote and nonlocal access methods. This control is particularly important protection against the insider threat. With ro...
    Rule Medium Severity
    Show

  • SRG-APP-000516-NDM-000351

    Group
    Show

  • Forescout must be running an operating system release that is currently supported by the vendor.

    Network devices running an unsupported operating system lack current security fixes required to mitigate the risks associated with recent vulnerabilities. In Oct 2021, there is plan to make Versio...
    Rule Medium Severity
    Show

  • SRG-APP-000329-NDM-000287

    Group
    Show

  • SRG-APP-000516-NDM-000334

    Group
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules