ForeScout CounterACT NDM Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
CounterACT must enforce password complexity by requiring that at least one special character be used.
Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resistin...Rule Medium Severity -
CounterACT must be configured to synchronize internal information system clocks with the organizations primary and secondary NTP servers.
The loss of connectivity to a particular authoritative time source will result in the loss of time synchronization (free-run mode) and increasingly inaccurate time stamps on audit events and other ...Rule Medium Severity -
CounterACT must restrict the ability to change the auditing to be performed within the system log based on selectable event criteria to the audit administrators role or to other roles or individuals.
If authorized individuals do not have the ability to modify auditing parameters in response to a changing threat environment, the organization may not be able to effectively respond, and important ...Rule Medium Severity -
In the event the authentication server is unavailable, one local account must be created for use as the account of last resort.
Authentication for administrative (privileged-level) access to the device is required at all times. An account can be created on CounterACT's local database for use in an emergency, such as when th...Rule Medium Severity -
CounterACT must compare internal information systems clocks at least every 24 hours with an authoritative time server.
Inaccurate time stamps make it more difficult to correlate events and can lead to an inaccurate analysis. Determining the correct time a particular event occurred on a system is critical when condu...Rule Medium Severity -
CounterACT must limit the number of concurrent sessions to an organization-defined number for each administrator account type.
Network device management includes the ability to control the number of administrators and management sessions that manage a device. Limiting the number of allowed administrators and sessions per a...Rule Low Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.