Forescout must generate a log record when the client machine fails policy assessment because required security software is missing or has been deleted.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-233335	FORE-NC-000340	SV-233335r616546_rule		Medium

Description
Generating log records with regard to modules and policies is an important part of maintaining proper cyber hygiene. Keeping and maintaining the logs helps to establish, correlate, and investigate the events relating to an incident, or identify those responsible for one.

STIG	Date
Forescout Network Access Control Security Technical Implementation Guide	2020-12-11

Details

Check Text ( C-36530r605708_chk )
Verify the policy assessment device uses TLS 1.2 to protect the confidentiality of the communication between the endpoint and the NAC. 1. Log on to the Forescout UI. 2. Select Tools >> Option >> HPS Inspection Engine >> SecureConnector. 3. In the Client-Server Connection, check the Minimum Supported TLS Version is set to TLS version 1.2. If the NAC does not use TLS 1.2, at a minimum, to protect the confidentiality of information passed between the endpoint agent and the NAC for the purposes of client posture assessment, this is a finding.

Check Text ( C-36530r605708_chk )

Verify the policy assessment device uses TLS 1.2 to protect the confidentiality of the communication between the endpoint and the NAC.

1. Log on to the Forescout UI.
2. Select Tools >> Option >> HPS Inspection Engine >> SecureConnector.
3. In the Client-Server Connection, check the Minimum Supported TLS Version is set to TLS version 1.2.

If the NAC does not use TLS 1.2, at a minimum, to protect the confidentiality of information passed between the endpoint agent and the NAC for the purposes of client posture assessment, this is a finding.

Fix Text (F-36495r616545_fix)
Log on to the Forescout UI. 1. Select Tools >> Option >> HPS Inspection Engine >> SecureConnector. 2. In the Client-Server Connection, set the Minimum Supported TLS Version to TLS version 1.2.