Forescout Network Device Management Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
SRG-APP-000001-NDM-000200
Group -
Forescout must limit the number of concurrent sessions to one for each administrator account.
Device management includes the ability to control the number of administrators and management sessions that manage a device. Limiting the number of allowed administrators and sessions per administr...Rule Low Severity -
SRG-APP-000317-NDM-000282
Group -
Forescout must terminate the account of last resort password when members with access to the password leave the group.
A shared/group account credential is a shared form of authentication that allows multiple individuals to access the network device using a single account. If shared/group account credentials are no...Rule Medium Severity -
SRG-APP-000148-NDM-000346
Group -
SRG-APP-000065-NDM-000214
Group -
Forescout must be configured to enforce the limit of three consecutive invalid logon attempts, after which time it must lock out the user account from accessing the device for 15 minutes.
By limiting the number of failed login attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-forcing, is reduced.Rule Medium Severity -
SRG-APP-000068-NDM-000215
Group -
SRG-APP-000069-NDM-000216
Group -
SRG-APP-000091-NDM-000223
Group -
Forescout must generate log records when successful attempts to access privileges occur.
Without generating log records specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or i...Rule Low Severity -
SRG-APP-000495-NDM-000318
Group -
Forescout must generate log records when attempts to modify administrator privileges occur.
Without generating log records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an inci...Rule Low Severity -
SRG-APP-000499-NDM-000319
Group -
SRG-APP-000503-NDM-000320
Group -
SRG-APP-000504-NDM-000321
Group -
SRG-APP-000505-NDM-000322
Group -
Forescout must generate log records showing starting and ending time for administrator access to the system.
Without generating log records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an inci...Rule Low Severity -
SRG-APP-000506-NDM-000323
Group -
SRG-APP-000515-NDM-000325
Group
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.