ForeScout CounterACT NDM Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
CounterACT must record time stamps for audit records that can be mapped to Coordinated Universal Time (UTC).
If time stamps are not consistently applied and there is no common time reference, it is difficult to perform forensic analysis. Time stamps generated by the application include date and time. Tim...Rule Medium Severity -
SRG-APP-000373-NDM-000298
Group -
SRG-APP-000125-NDM-000241
Group -
If any logs are stored locally which are not sent to the centralized audit server, CounterACT must back up audit records at least every seven days onto a different system or system component than the system or component being audited.
Protection of log data includes ensuring log data is not accidentally lost or deleted. Regularly backing up audit records to a different system or onto separate media than the system being audited ...Rule Medium Severity -
SRG-APP-000133-NDM-000244
Group -
CounterACT must limit privileges to change the software resident within software libraries.
Changes to any software components of the network device can have significant effects on the overall security of the network. Therefore, only qualified and authorized individuals should be allowed ...Rule Medium Severity -
SRG-APP-000169-NDM-000257
Group -
SRG-APP-000515-NDM-000325
Group -
CounterACT must sent audit logs to a centralized audit server (i.e., syslog server).
Information stored in one location is vulnerable to accidental or incidental deletion or alteration. Off-loading is a common process in information systems with limited audit storage capacity.Rule Medium Severity -
SRG-APP-000374-NDM-000299
Group
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.