Forescout must be running an operating system release that is currently supported by the vendor.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-230953 | FORE-NM-000260 | SV-230953r615886_rule | Medium |
| Description |
|---|
| Network devices running an unsupported operating system lack current security fixes required to mitigate the risks associated with recent vulnerabilities. In Oct 2021, there is plan to make Version 7 end-of-life. This will be stated on the product lifecycle page of the Forescout website. All versions of V8 and above are authorized for use in DoD. Version 8 or later is mandatory after October 2021. |
| STIG | Date |
|---|---|
| Forescout Network Device Management Security Technical Implementation Guide | 2020-12-11 |
Details
| Check Text ( C-33883r603698_chk ) |
|---|
| Check that Forescout is still running supported operating system versions and that all vulnerability patches and updates have been applied. Verify the installed version is supported by Forescout by checking the Forescout support website lifecycle page. Currently, Version 8 or later is mandatory after October 2021. If Forescout is running an operating system release that is not supported by the vendor, this is a finding. |
| Fix Text (F-33856r603699_fix) |
|---|
| Check that Forescout is still running supported operating system versions and that all vulnerability patches and updates have been applied. Establish and document a procedure that requires the auditing of OS versions and any patches and updates have been applied in accordance with Forescout support website lifecycle page. |