STIGQter: STIG Summary: Forescout Network Access Control Security Technical Implementation Guide, Version: 1, Release: 1, Benchmark Date: 20 Nov 2020

When devices fail the policy assessment, Forescout must create a record with sufficient detail suitable for forwarding to a remediation server for automated remediation or sending to the user for manual remediation.

DISA Rule

SV-233317r611394_rule

Vulnerability Number

V-233317

Group Title

SRG-NET-000015-NAC-000110

Rule Version

FORE-NC-000090

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Log on to the Forescout UI.

1. Within the Policy tab, locate the Compliance policies.
2. Within the policy Sub-Rule, ensure all policies that indicate remediation have been configured to notify the user and/or network administrator of required action.

Check Contents

Verify Forescout sends user and/or admin notification of remediation requirements, whether manual or automated.

If the NAC does not flag, for future manual or automated remediation, devices failing policy assessment that are not automatically remediated either before or during the remote access session, this is a finding.

Documentable

False

Severity Override Guidance

Verify Forescout sends user and/or admin notification of remediation requirements, whether manual or automated.

If the NAC does not flag, for future manual or automated remediation, devices failing policy assessment that are not automatically remediated either before or during the remote access session, this is a finding.

Check Content Reference

M

Target Key

5250

Comments