STIGQter: STIG Summary: Forescout Network Device Management Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 20 Nov 2020:

Forescout must be configured to synchronize internal information system clocks using redundant authoritative time sources.

DISA Rule

SV-230944r615886_rule

Vulnerability Number

V-230944

Group Title

SRG-APP-000373-NDM-000298

Rule Version

FORE-NM-000160

Severity

CAT II

CCI(s)

CCI-000366 - The organization implements the security configuration settings.
CCI-001893 - The information system identifies a secondary authoritative time source that is located in a different geographic region than the primary authoritative time source.

Weight

Fix Recommendation

Configure Forescout to synchronize internal information system clocks with the primary and secondary time sources located in different geographic regions using redundant authoritative time sources.

1. Open an SSH session and authenticate to the Forescout command line.
2. Configure the primary and secondary NTP servers with the command "fstool ntp setup <ip address>".

Check Contents

Determine if Forescout is configured to synchronize internal clocks with the organization's primary and secondary NTP servers.

1. Open an SSH session and authenticate to the Forescout command line.
2. Verify a primary and secondary NTP server has been configured with the command "fstool ntp test".

If Forescout is not configured to synchronize internal information system clocks with the organization's primary and secondary NTP servers, this is a finding.

Forescout must be configured to synchronize internal information system clocks using redundant authoritative time sources.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments