Security policy templates use existing Forescout CounterACT® functionality to detect, evaluate, and respond to vulnerabilities and threats – speeding and simplifying your response. When this plugin is installed, security policy templates are available in the Policy view of the Console under the Vulnerability and Response sub-folder in the Templates tree.
This update includes the ability to classify devices susceptible to ransomware, medical malware and industrial sabotage.
The following templates are new or have been significantly updated in this release:
VR Exposed Servers
The policies you create with this template detect traffic seen on the SPAN port to evaluate whether a network segment is exposed to internet traffic. The policy template includes definitions for identifiable ports that are classified as potentially vulnerable. Users can customize the policy rules to add or exclude ports, server addresses, or IP address ranges. By default, the untrusted domain is defined as all routable IP addresses.
The policies you create with this template detect JBoss application servers in a local network and perform a JBoss server scan to look for vulnerabilities.
The policies you create with this template detect managed Windows endpoints that are infected with the “I am sorry” variant of this malware.
VR Schneider Electric SCADA/HMI
The policies you create with this template detect vulnerabilities on managed Windows endpoints.
Software updates are available through the “Check for Updates” feature in the Enterprise Manager console, and via download from updates.forescout.com for customers on appliance based licensing or from the Forescout Support Portal for customers on Flexx licensing. A current ActiveCare Contract is required to obtain software updates.
Updates now available:
|Module||Update Available||Applicable CounterACT Versions||Update available via:
“Check for Updates” (recommended), or direct download via the links below
|Security Policy Template||18.0.5||7.0
|Customer Portal (Flexx licensing)|
|updates.forescout.com (appliance based licensing)||Release Notes|
For More Information:
For additional information, please refer to Knowledge Base Article #000005324 which can be accessed via support.forescout.com using your login credentials. You can also contact firstname.lastname@example.org for additional questions.
© 2018. Forescout Technologies, Inc. is a Delaware corporation. The Forescout logos and trademarks can be found at https://www.forescout.com/company/legal/intellectual-property-patents-trademarks/. Other names mentioned may be trademarks of their respective owners.