Forescout must off-load log records onto a different system. This is required for compliance with C2C Step 1.

An XCCDF Rule

Details
Profiles

Description

Having a separate, secure location for log records is essential to the preservation of logs as required by policy.

ID: SV-233324r856510_rule
Version: FORE-NC-000160
Severity: Medium
References: CCI-001851
Updated: about 2 months ago

Remediation Templates

Configure Syslog server with TCP, as well as configure Syslog to alert if the communication between the Syslog server and the Forescout appliance loses connectivity.

1. Go to Tools >> Options >> Syslog.
2. Click Add/Edit.
3. Configure the Syslog:
- Syslog Server IP address- Server Port
- Server Protocol set to TCP
- Check the Use TLS setting
- Configure the Identity, Facility, and Severity.
4. Click "Ok".
5. Click "Apply".

Forescout must off-load log records onto a different system. This is required for compliance with C2C Step 1.

Description

Remediation Templates

A Manual Procedure