Skip to content
ATO Pathways
Log In
Overview
Search
Catalogs
SCAP
OSCAL
Catalogs
Profiles
Documents
References
Knowledge Base
Platform Documentation
Compliance Dictionary
Platform Changelog
About
Catalogs
XCCDF
Forescout Network Device Management Security Technical Implementation Guide
SRG-APP-000516-NDM-000340
Forescout must be configured to conduct backups of system-level information contained in the information system when changes occur.
Forescout must be configured to conduct backups of system-level information contained in the information system when changes occur.
An XCCDF Rule
Details
Profiles
Prose
Forescout must be configured to conduct backups of system-level information contained in the information system when changes occur.
Medium Severity
<VulnDiscussion>System-level information includes default and customized settings and security attributes, including ACLs that relate to the network device configuration, as well as software required for the execution and operation of the device. Information system backup is a critical step in ensuring system integrity and availability. If the system fails and there is no backup of the system-level information, a denial-of-service condition is possible for all who utilize this critical network component. Perform scheduled backups of the Forescout system to FTP, SFTP, and SCP sites. Using scheduled backups provides extra safety and protection against hard drive failures and data loss. The system backup feature saves all CounterACT device and Console settings. This data includes the following: - Configuration - License - Operating System configuration - Plugins/Modules These categories include, for example: - Forescout platform IP address - License information - Channel - Email - Internal network parameters - Basic and advanced NAC Policy definitions - Legitimate traffic definitions - Report schedules</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>