Check: FORE-NM-000340
Forescout Network Device Management STIG:
FORE-NM-000340
(in version v1 r1)
Title
Forescout must disable the Request Customer Verification setting. (Cat III impact)
Discussion
To prevent unauthorized connection of devices, unauthorized transfer of information, or unauthorized tunneling (i.e., embedding of data types within data types), organizations must disable unused or unnecessary physical and logical ports/protocols on information systems. This option connects to a user verification server at Forescout infrastructure used for verification of customer profiles and must not be used in DoD. If accidentally checked, this must error out.
Check Content
In the Password and Sessions login options, ensure "request customer verification" is not enabled. 1. Log on to the Forescout Administrator UI. 2. From the menu, select Tools >> Options >> CounterACT User Profiles >> Password and Sessions. 3. Ensure the option for "request customer verification" is unchecked. If the Request Customer Verification setting is enabled, this is a finding.
Fix Text
In the Password and Sessions login options, disable the "request customer verification" option. 1. Log on to the Forescout Administrator UI. 2. From the menu, select Tools >> Options >> CounterACT User Profiles >> Password and Sessions. 3. Ensure the option for "request customer verification" is unchecked.
Additional Identifiers
Rule ID: SV-230960r615886_rule
Vulnerability ID: V-230960
Group Title: SRG-APP-000142-NDM-000245
Expert Comments
CCIs
| Number | Definition |
|---|---|
| CCI-000382 |
The organization configures the information system to prohibit or restrict the use of organization-defined functions, ports, protocols, and/or services. |
Controls
| Number | Title |
|---|---|
| CM-7 |
Least Functionality |