Forescout Network Device Management Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
Forescout must generate log records for privileged activities or other system-level access.
<VulnDiscussion>Without generating log records that are specific to the security and mission needs of the organization, it would be difficult...Rule Low Severity -
SRG-APP-000505-NDM-000322
<GroupDescription></GroupDescription>Group -
Forescout must generate log records showing starting and ending time for administrator access to the system.
<VulnDiscussion>Without generating log records that are specific to the security and mission needs of the organization, it would be difficult...Rule Low Severity -
SRG-APP-000506-NDM-000323
<GroupDescription></GroupDescription>Group -
Forescout must generate log records when concurrent logons from different workstations occur.
<VulnDiscussion>Without generating log records that are specific to the security and mission needs of the organization, it would be difficult...Rule Low Severity -
SRG-APP-000515-NDM-000325
<GroupDescription></GroupDescription>Group -
The Forescout must configure a remote syslog where audit records are stored on a centralized logging target that is different from the system being audited.
<VulnDiscussion>Information stored in one location is vulnerable to accidental or incidental deletion or alteration. Off-loading is a common...Rule Low Severity -
SRG-APP-000373-NDM-000298
<GroupDescription></GroupDescription>Group -
Forescout must generate log records when successful attempts to access privileges occur.
<VulnDiscussion>Without generating log records specific to the security and mission needs of the organization, it would be difficult to estab...Rule Low Severity -
SRG-APP-000495-NDM-000318
<GroupDescription></GroupDescription>Group -
Forescout must generate log records when attempts to modify administrator privileges occur.
<VulnDiscussion>Without generating log records that are specific to the security and mission needs of the organization, it would be difficult...Rule Low Severity -
SRG-APP-000499-NDM-000319
<GroupDescription></GroupDescription>Group -
Forescout must generate log records when attempts to delete administrator privileges occur.
<VulnDiscussion>Without generating log records specific to the security and mission needs of the organization, it would be difficult to estab...Rule Low Severity -
SRG-APP-000503-NDM-000320
<GroupDescription></GroupDescription>Group -
Forescout must generate log records showing when successful logon attempts occur.
<VulnDiscussion>Without generating log records that are specific to the security and mission needs of the organization, it would be difficult...Rule Low Severity -
SRG-APP-000504-NDM-000321
<GroupDescription></GroupDescription>Group -
Forescout must obtain its public key certificates from an appropriate certificate policy through an approved service provider.
<VulnDiscussion>For user certificates, each organization obtains certificates from an approved shared service provider, as required by OMB po...Rule Medium Severity -
SRG-APP-000142-NDM-000245
<GroupDescription></GroupDescription>Group -
SRG-APP-000317-NDM-000282
<GroupDescription></GroupDescription>Group -
Forescout must terminate the account of last resort password when members with access to the password leave the group.
<VulnDiscussion>A shared/group account credential is a shared form of authentication that allows multiple individuals to access the network d...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.