When devices fail the policy assessment, Forescout must create a record with sufficient detail suitable for forwarding to a remediation server for automated remediation or sending to the user for manual remediation. This is required for compliance with C2C Step 3.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-233317 | FORE-NC-000090 | SV-233317r811383_rule | CCI-000213 | medium |
| Description | ||||
| Notifications sent to the user and/or network administrator informing them of remediation requirements will ensure that action is taken. | ||||
| STIG | Date | |||
| Forescout Network Access Control Security Technical Implementation Guide | 2025-06-12 | |||
Related Frameworks
4 paths across 3 frameworks
Related Frameworks
NIST 800-531 mapping
AC-3
1.00
- DISA · V2R4 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
NIST 800-1712 mappings
3.1.1
1.00
- DISA · V2R4 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
3.1.2
1.00
- DISA · V2R4 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
CCI1 mapping
CCI-000213
1.00
- DISA · V2R4 · disa_xccdf · related
Details
Check Text (C-233317r811383_chk)
If DoD is not at C2C Step 3 or higher, this is not a finding.
Verify Forescout sends user and/or admin notification of remediation requirements, whether manual or automated.
If the NAC does not flag for future manual or automated remediation, devices failing policy assessment that are not automatically remediated either before or during the remote access session, this a finding.
Fix Text (F-36477r605655_fix)
Log on to the Forescout UI.
1. Within the Policy tab, locate the Compliance policies.
2. Within the policy Sub-Rule, ensure all policies that indicate remediation have been configured to notify the user and/or network administrator of required action.