STIGQter: STIG Summary: Forescout Network Device Management Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 20 Nov 2020:

Forescout must be running an operating system release that is currently supported by the vendor.

DISA Rule

SV-230953r615886_rule

Vulnerability Number

V-230953

Group Title

SRG-APP-000516-NDM-000351

Rule Version

FORE-NM-000260

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Check that Forescout is still running supported operating system versions and that all vulnerability patches and updates have been applied.

Establish and document a procedure that requires the auditing of OS versions and any patches and updates have been applied in accordance with Forescout support website lifecycle page.

Check Contents

Check that Forescout is still running supported operating system versions and that all vulnerability patches and updates have been applied.

Verify the installed version is supported by Forescout by checking the Forescout support website lifecycle page. Currently, Version 8 or later is mandatory after October 2021.

If Forescout is running an operating system release that is not supported by the vendor, this is a finding.

Vulnerability Number

V-230953

Documentable

False

Rule Version

FORE-NM-000260

Severity Override Guidance

Check that Forescout is still running supported operating system versions and that all vulnerability patches and updates have been applied.

Verify the installed version is supported by Forescout by checking the Forescout support website lifecycle page. Currently, Version 8 or later is mandatory after October 2021.

If Forescout is running an operating system release that is not supported by the vendor, this is a finding.

Check Content Reference

M

Target Key

5245

Comments