Forescout must disable the Request Customer Verification setting.
An XCCDF Rule
Description
To prevent unauthorized connection of devices, unauthorized transfer of information, or unauthorized tunneling (i.e., embedding of data types within data types), organizations must disable unused or unnecessary physical and logical ports/protocols on information systems. This option connects to a user verification server at Forescout infrastructure used for verification of customer profiles and must not be used in DoD. If accidentally checked, this must error out.
- ID
- SV-230960r960966_rule
- Version
- FORE-NM-000340
- Severity
- Low
- References
- Updated
Remediation Templates
A Manual Procedure
In the Password and Sessions login options, disable the "request customer verification" option.
1. Log on to the Forescout Administrator UI.
2. From the menu, select Tools >> Options >> CounterACT User Profiles >> Password and Sessions.
3. Ensure the option for "request customer verification" is unchecked.