Title

Forescout must send an alert to the Information System Security Manager (ISSM) and System Administrator (SA), at a minimum, when critical security issues are found that put the network at risk. This is required for compliance with C2C Step 2. (Cat II impact)

Discussion

Requiring authentication and authorization of both the user's identity and the identity of the computing device is essential to ensuring a non-authorized person or device has entered the network.

Check Content

If DoD is not at C2C Step 2 or higher, this is not a finding. Verify Forescout performs device authentication before policy assessment is performed. If device authentication is not completed prior to the NAC check, this is a finding.

Fix Text

Log on to the Forescout UI. 1. Locate the Authentication & Authorization policy. 2. Ensure the Authentication & Authorization policy happens prior to any NAC check.

Additional Identifiers

Rule ID: SV-233316r811381_rule

Vulnerability ID: V-233316

Group Title: SRG-NET-000015-NAC-000100

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.