Description
New updates are available for:
- Security Policy Templates use existing Forescout CounterACT® functionality to detect, evaluate, and respond to vulnerabilities and threats – speeding and simplifying your network response. When this plugin is installed, security policy templates are available in the Policy view of the Console under the Vulnerability and Response sub-folder in the Templates tree. To work with these templates, it is recommended to:
Read the release notes and review the policy logic in the Console’s Policy view.
For details of working with CounterACT policies, see the Console User Manual
Policy Templates in This Release
The following template is new or has been significantly updated in this release:
VR Git (version 18.0.10)
The policies you create with this template detect managed Windows, Linux/Unix and OS X end points with the Git vulnerability.
Although this policy may detect potential vulnerability on Windows and OS X endpoints, these systems are not considered vulnerable to the issue described in CVE-2018-17456.
Some tools such as Anti-Virus applications may prevent this policy from working properly. You may need to manually whitelist the fs_test_git_Linux.sh and fs_test_git_Mac.sh executables used in the Expected Script Results conditions.
- Windows Vulnerability DB Plugin: The update provides the most current Microsoft vulnerability update information to the HPS Inspection Engine Plugin for use with vulnerability policies. Working with this plugin makes vulnerability updates available to you soon after they are released from Microsoft.
- Device Profile Library: This update contains important Device Profile Library enhancements and fixed issues. These include New Profiles, New Classification Values, and Modified Profiles. Device Profile Library is applicable only to CounterACT version 8.
- HPS NIC Vendor DB Plugin: This release updates vendor information to reflect changes to the following identifiers maintained by the IEEE Standards Association:
- MA-L (MAC Address Block Large)
- MA-M (MAC Address Block Medium)
- MA-S (MAC Address Block Small)
This identifier was previously known as the OUI (Organizationally Unique Identifier).
Software updates are available through the “Check for Updates” feature in the Enterprise Manager console, and via download from updates.forescout.com for customers on appliance based licensing or from the Forescout Support Portal for customers on Flexx licensing. A current ActiveCare contract is required to obtain software updates.
Updates now available:
Module | Update Available | Applicable CounterACT Versions | Update available via: “Check for Updates” (recommended), or direct download via the links below | ||
Appliance based licensing | Flexx licensing | ||||
Security Policy Templates | 18.0.10 | 7.0.0, 8.0 | updates.forescout.com | Release Notes | Customer Portal |
Windows Vulnerability DB Plugin | 18.0.10 | 7.0.0, 8.0.x | updates.forescout.com | Release Notes | |
Device Profile Library | 18.0.10 | 8.0.1 | updates.forescout.com | Release Notes | |
HPS NIC Vendor DB | 18.0.10 | 8.0.0, 8.0.1 | updates.forescout.com | Release Notes | |
HPS NIC Vendor DB | 1.2.7 | 7.0.0 | updates.forescout.com | Release Notes |
For More Information:
For any questions, customers can contact Forescout Customer Care via the Forescout Support Portal.
© 2018. Forescout Technologies, Inc. is a Delaware corporation. The Forescout logos and trademarks can be found at https://www.forescout.com/company/legal/intellectual-property-patents-trademarks/. Other names mentioned may be trademarks of their respective owners.