Security policy templates use existing Forescout CounterACT® functionality to detect, evaluate, and respond to vulnerabilities and threats – speeding and simplifying your network response. When this plugin is installed, security policy templates are available in the Policy view of the Console under the Vulnerability and Response sub-folder in the Templates tree.
- To work with these templates, it is recommended to:
- Read the release notes and review the policy logic in the Console’s Policy view.
- Enable/add mitigation actions to generated policies.
For details of working with CounterACT® policies, see the Console User Manual.
Policy Templates in This Release
The following template is new or has been significantly updated in this release:
VR BLEEDINGBIT (version 18.0.11)
The policies you create with this template classify wireless Access Points and devices connected by WiFi according to their BLEEDINGBIT vulnerability (For details about this vulnerability, see: CVE-2018-16986)
VR BLEEDINGBIT OAD (version 18.0.11)
The policies you create with this template classify wireless Access Points and devices connected by WiFi according to their BLEEDINGBIT OAD vulnerability in the over the air firmware download feature of the device.
VR UPnP Servers (version 18.0.11)
The policies you create with this template use Active Scanning to remotely evaluate whether the endpoints and devices in the policy scope have UPnP Servers that are exposed to network traffic. This policy evaluates both managed and unmanaged endpoints. No credentials are required for endpoint login.
Users can customize the policy rules to add or exclude ports, server addresses, or IP address ranges.
Updates now available
|Module||Update Available||Applicable CounterACT Versions||Update available via:
“Check for Updates” (recommended), or direct download via the links below
|Security Policy Template||18.0.11||7.0
|Customer Portal (Flexx licensing)|
|updates.forescout.com(appliance based licensing)||Release Notes|
THIS NOTIFICATION IS PROVIDED ON AN “AS IS” BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION IN THIS ALERT OR MATERIALS LINKED FROM THIS ALERT IS AT YOUR OWN RISK. FORESCOUT RESERVES THE RIGHT TO CHANGE OR UPDATE THIS ALERT AT ANY TIME.
Forescout Confidential and Proprietary
This alert may contain Forescout proprietary and confidential information and must be protected by the recipient accordingly. The information in this Alert is not meant for general dissemination and may only be used by the recipient in connection with the services reflected in this Alert. Any unauthorized use or dissemination of this Alert in whole or in part is strictly forbidden.
© 2018. Forescout Technologies, Inc. is a Delaware corporation. The Forescout logos and trademarks can be found at https://www.forescout.com/company/legal/intellectual-property-patents-trademarks/. Other names mentioned may be trademarks of their respective owners. Version 04_18