From ForeScout CounterACT NDM Security Technical Implementation Guide
Part of SRG-APP-000142-NDM-000245
Associated with: CCI-000382
CounterACT is capable of providing a wide variety of functions and services. Some of the functions and services provided by default may not be necessary to support essential organizational operations. Additionally, it is sometimes convenient to provide multiple services from a single component (e.g., email and web services); however, doing so increases risk over limiting the services provided by any one component.
Navigate to the plugin tool and remove all unneeded or unsecure services. 1. Connect to the CounterACT Console and select Tools >> Options >> Plugins. 2. Review the list of plugins. If an unnecessary or nonsecure service is "Enabled", select the plugin and then select "Configure". If no configuration is present, this is a finding. If any unnecessary or nonsecure functions are enabled, this is a finding.
Configure the network device to prohibit the use of all unnecessary and/or nonsecure functions, ports, protocols, and/or services. The following is an example of disabling the wireless plugin if no wireless devices are directly managed by CounterACT. Example: 1. Connect to the CounterACT Console and select Tools >> Options >> Plugins. 2. Determine if the wireless plugin status is "Enabled", select the plugin, and select "Stop" (for all appliances). This process can be used to disable or remove plugins not being used.
Lavender hyperlinks in small type off to the right (of CSS
class id
, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle
or
Accept: application/rdf+xml
.
Powered by sagemincer