UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Forescout must send an alert to the Information System Security Manager (ISSM) and System Administrator (SA), at a minimum, when critical security issues are found that put the network at risk. This is required for compliance with C2C Step 2.


Overview

Finding ID Version Rule ID IA Controls Severity
V-233316 FORE-NC-000080 SV-233316r811381_rule Medium
Description
Requiring authentication and authorization of both the user's identity and the identity of the computing device is essential to ensuring a non-authorized person or device has entered the network.
STIG Date
Forescout Network Access Control Security Technical Implementation Guide 2023-06-22

Details

Check Text ( C-36511r811380_chk )
If DoD is not at C2C Step 2 or higher, this is not a finding.

Verify Forescout performs device authentication before policy assessment is performed.

If device authentication is not completed prior to the NAC check, this is a finding.
Fix Text (F-36476r605652_fix)
Log on to the Forescout UI.

1. Locate the Authentication & Authorization policy.
2. Ensure the Authentication & Authorization policy happens prior to any NAC check.