Forescout Network Device Management Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
Forescout must generate log records for a locally developed list of auditable events.
Auditing and logging are key components of any security architecture. Logging the actions of specific events provides a means to investigate an attack; to recognize resource utilization or capacity...Rule Medium Severity -
SRG-APP-000516-NDM-000340
Group -
SRG-APP-000516-NDM-000341
Group -
Forescout must support organizational requirements to conduct backups of information system documentation, including security-related documentation, when changes occur or weekly, whichever is sooner.
System-level information includes default and customized settings and security attributes, including ACLs that relate to the network device configuration, as well as software required for the execu...Rule Medium Severity -
SRG-APP-000516-NDM-000344
Group -
Forescout must obtain its public key certificates from an appropriate certificate policy through an approved service provider.
For user certificates, each organization obtains certificates from an approved shared service provider, as required by OMB policy. For federal agencies operating a legacy public key infrastructure ...Rule Medium Severity -
SRG-APP-000142-NDM-000245
Group -
SRG-APP-000142-NDM-000245
Group -
SRG-APP-000395-NDM-000310
Group -
Forescout must be configured to authenticate SNMP messages using a FIPS-validated Keyed-Hash Message Authentication Code (HMAC).
Without authenticating devices, unidentified or unknown devices may be introduced, thereby facilitating malicious activity. Bidirectional authentication provides stronger safeguards to validate the...Rule High Severity -
SRG-APP-000395-NDM-000347
Group -
Before establishing a connection with a Network Time Protocol (NTP) server, Forescout must authenticate using a bidirectional, cryptographically based authentication method that uses a FIPS-validated Advanced Encryption Standard (AES) cipher block algorithm to authenticate with the NTP server.
If Network Time Protocol is not authenticated, an attacker can introduce a rogue NTP server. This rogue server can then be used to send incorrect time information to network devices, which will mak...Rule Medium Severity -
SRG-APP-000166-NDM-000254
Group -
Forescout must enforce password complexity by requiring that at least one uppercase character be used.
Use of a complex passwords helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisti...Rule Medium Severity -
SRG-APP-000167-NDM-000255
Group -
Forescout must enforce password complexity by requiring that at least one lowercase character be used.
Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resistin...Rule Medium Severity -
SRG-APP-000164-NDM-000252
Group -
Forescout must enforce a minimum 15-character password length.
Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. Password length is one factor of several that helps to d...Rule Medium Severity -
SRG-APP-000168-NDM-000256
Group -
Forescout must enforce password complexity by requiring that at least one numeric character be used.
Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resistin...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.