STIGQter: STIG Summary: Forescout Network Device Management Security Technical Implementation Guide, Version: 1, Release: 1, Benchmark Date: 20 Nov 2020

If the network device uses role-based access control, Forescout must enforce organization-defined, role-based access control policies over defined subjects and objects.

DISA Rule

SV-230954r616548_rule

Vulnerability Number

V-230954

Group Title

SRG-APP-000329-NDM-000287

Rule Version

FORE-NM-000270

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Log in to Forescout UI.

1. Select Tools >> Options >> CounterACT User Profiles.
2. Select username >> Edit >> Permissions.

Check the SSP against created users and ensure least privilege has been configured properly. Options include Custom accounts for Console Access and Web Access. Each access account is then further established with permissions based on the user's authorizations.

Check Contents

Check that the administrative accounts assigned to each role are documented within the SSP and have been configured correctly with least privilege.

1. Log on to Forescout UI.
2. Select Tools >> Options >> CounterACT User Profiles.
3. Select username >> Edit >> Permissions.

Check the SSP against created users and ensure least privilege has been configured properly. Options include Custom accounts for Console Access and Web Access. Each access account is then further established with permissions based on the user's authorizations.

If Forescout does not enforce organization-defined, role-based access control policies over defined subjects and objects, this is a finding.

Documentable

False

Severity Override Guidance

Check that the administrative accounts assigned to each role are documented within the SSP and have been configured correctly with least privilege.

1. Log on to Forescout UI.
2. Select Tools >> Options >> CounterACT User Profiles.
3. Select username >> Edit >> Permissions.

Check the SSP against created users and ensure least privilege has been configured properly. Options include Custom accounts for Console Access and Web Access. Each access account is then further established with permissions based on the user's authorizations.

If Forescout does not enforce organization-defined, role-based access control policies over defined subjects and objects, this is a finding.

Check Content Reference

M

Target Key

5245

Comments