Security Policy Templates version 18.0.4 is available.
Supported CounterACT Versions
Customers who are working with the following CounterACT version can install the plugin:
- 7.0.0 or above
It is recommended to install the latest service pack.
- An active Maintenance Contract for CounterACT devices is required.
- Windows Vulnerability DB version 18.0.1 or above.
- Wireless Plugin 22.214.171.1249 or higher is required to work with VR WPA2 KRACK security templates. You can download and install Wireless Plugin 126.96.36.1999 from the following location: http://updates.forescout.com/support/files/plugins/wireless/188.8.131.529/184.108.40.2069-17002009/Forescout-wireless-220.127.116.119-17002009.fpi
- Wireless Plugin 1.5.1 or above must be installed and running to work with VR Cisco IOS/IOS-XE security templates.
- Switch Plugin 8.7.3 or above must be installed and running to work with VR Cisco IOS/IOS-XE security templates.
- Advanced Tools Plugin release 18.104.22.168 or above installed and running, and the Windows Manageable SecureConnector (via any interface) host property must be enabled (see the Forescout CounterACT Security Policy Template Configuration Guide for more information).
- VPN Concentrator Plugin 4.0.6 or above installed and running for working with the VR ASA security templates.
- Linux Plugin version 1.1.0 or above installed and running for working with the VR Intel SA-00075 AMT/ISM/SBT, VR Intel SA-00086 ME/SPS/TXE, and VR AMDflaws security templates.
- OS X Plugin version 1.2.0 or above installed and running for working with the VR macOS High Sierra Admin Bypass and VR AMDflaws security templates.
- Windows PowerShell scripts must be allowed to run on Windows managed endpoints running Windows 7, Windows 20xx Server or above for working with the VR Meltdown and VR Spectre templates.
- To run policy actions on endpoints with Secure Connector installed, Secure Connector must be running as a service.
About Security Policy Templates
Security policy templates use existing Forescout CounterACT® functionality to detect, evaluate, and respond to vulnerabilities and threats – speeding and simplifying your network response. When you install this plugin, templates are available in the Policy view of the Console under the Vulnerability and Response sub-folder in the Templates tree. To work with these templates, it is recommended to:
- Read these release notes, and review policy logic in the Console’s Policy view.
- Enable/add mitigation actions to generated policies.
For details of working with CounterACT policies, see the Console User Manual.
New Template Naming Convention
Starting with release 18.0.1, the Security Policy Templates are named as follows:
VR < vulnerability name >
For example, the Bad Rabbit Detect and Vaccinate (managed endpoints) policy template is now named VR Bad Rabbit. VR stands for Vulnerability and Response, which is the new name for the Security Policy Templates sub-folder in the Policy Wizard.
Policy Templates in This Release
The following templates are new or have been significantly updated.
VR Cisco IOS/IOS-XE
The policies you create with this template detect potentially vulnerable infrastructure devices with all versions of Cisco IOS and IOS XE software installed. Once vulnerable devices are detected, you should upgrade to the latest fixed software version. This policy evaluates configured Cisco Switch devices.
This release is available at the following location:
Release Notes are available at the following location:
The Configuration Guide is available at the following location:
More Release Information
Information about currently available releases of this plugin is available at the following location:
In addition, you can contact the Forescout Beta Manager at [email protected] for information about Beta releases.
You can access the Plugin Configuration Guide either from the Customer Support Portal or in the Console, by selecting Tools > Options > Plugins. Select this plugin and then select Help.
This release provides important fixed issues which are described in the Release Notes.
© 2018. Forescout Technologies, Inc. is a Delaware corporation. The Forescout logos and trademarks can be found at https://www.forescout.com/company/legal/intellectual-property-patents-trademarks/. Other names mentioned may be trademarks of their respective owners.