CounterACT must disable all unnecessary and/or nonsecure plugins.

From ForeScout CounterACT NDM Security Technical Implementation Guide

Part of SRG-APP-000142-NDM-000245

Associated with: CCI-000382

SV-90911r1_rule CounterACT must disable all unnecessary and/or nonsecure plugins.

Vulnerability discussion

CounterACT is capable of providing a wide variety of functions and services. Some of the functions and services provided by default may not be necessary to support essential organizational operations. Additionally, it is sometimes convenient to provide multiple services from a single component (e.g., email and web services); however, doing so increases risk over limiting the services provided by any one component.If the 802.1x plugin is installed and there are no wireless APs or controllers directly managed by CounterACT, the wireless plugin should be disabled. The wireless plugin enabled with no configuration will also produce a finding.

Check content

Navigate to the plugin tool and remove all unneeded or unsecure services. 1. Connect to the CounterACT Console and select Tools >> Options >> Plugins. 2. Review the list of plugins. If an unnecessary or nonsecure service is "Enabled", select the plugin and then select "Configure". If no configuration is present, this is a finding. If any unnecessary or nonsecure functions are enabled, this is a finding.

Fix text

Configure the network device to prohibit the use of all unnecessary and/or nonsecure functions, ports, protocols, and/or services. The following is an example of disabling the wireless plugin if no wireless devices are directly managed by CounterACT. Example: 1. Connect to the CounterACT Console and select Tools >> Options >> Plugins. 2. Determine if the wireless plugin status is "Enabled", select the plugin, and select "Stop" (for all appliances). This process can be used to disable or remove plugins not being used.

Pro Tips

Lavender hyperlinks in small type off to the right (of CSS class id, if you view the page source) point to globally unique URIs for each document and item. Copy the link location and paste anywhere you need to talk unambiguously about these things.

You can obtain data about documents and items in other formats. Simply provide an HTTP header Accept: text/turtle or Accept: application/rdf+xml.

Powered by sagemincer