STIGQter STIGQter: STIG Summary: Forescout Network Device Management Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 20 Nov 2020:

Forescout must limit the number of concurrent sessions to one for each administrator account.

DISA Rule

SV-230930r615886_rule

Vulnerability Number

V-230930

Group Title

SRG-APP-000001-NDM-000200

Rule Version

FORE-NM-000010

Severity

CAT III

CCI(s)

Weight

10

Fix Recommendation

Configure Forescout to require a limit of one session per user.

1. Log on to the Forescout Administrator UI.
2. From the menu, select Tools >> Options >> CounterAct user profiles >> Password and Sessions >> Session.
3. Check "allow only one login session per user".
4. Select the "Terminate existing session upon new login" radio button.
5. Select "Console and web portal sessions cannot exist concurrently".

Check Contents

Determine if Forescout requires a limit of one session per user. This requirement may be verified by demonstration or configuration review.

1. Log on to the Forescout Administrator UI.
2. From the menu, select Tools >> Options >> CounterAct user profiles >> Password and Sessions >> Session.
3. Verify the "allow only one login session per user", "Terminate existing session upon new login", and "Console and web portal sessions cannot exist concurrently".

If Forescout does not enforce one session per user, this is a finding.

Vulnerability Number

V-230930

Documentable

False

Rule Version

FORE-NM-000010

Severity Override Guidance

Determine if Forescout requires a limit of one session per user. This requirement may be verified by demonstration or configuration review.

1. Log on to the Forescout Administrator UI.
2. From the menu, select Tools >> Options >> CounterAct user profiles >> Password and Sessions >> Session.
3. Verify the "allow only one login session per user", "Terminate existing session upon new login", and "Console and web portal sessions cannot exist concurrently".

If Forescout does not enforce one session per user, this is a finding.

Check Content Reference

M

Target Key

5245

Comments