Security policy templates use existing Forescout CounterACT® functionality to detect, evaluate, and respond to vulnerabilities and threats – speeding and simplifying your response. When this plugin is installed, security policy templates are available in the Policy view of the Console under the Vulnerability and Response sub-folder in the Templates tree.
Policy Templates in This Release
The following templates are new or have been significantly updated in this release:
VR VPNFilter (version 18.0.7)
VPNFilter malware is a threat that targets a wide range of routers and network-attached storage (NAS) devices. VPNFilter can collect confidential information and tamper with network traffic as it passes through an infected router, as well as render the router unusable. The malware can also survive a reboot of the router. For more information, see https://blog.talosintelligence.com/2018/06/vpnfilter-update.html
Policies you create with this template detect potentially vulnerable devices. The policy can be tailored by the operator to specify different ports, or to identify different patterns that indicate vulnerability. To scan endpoints that are connected through potentially infected devices, you can utilize a third party router testing tool for the VPN Filter malware provided by Symantec: http://www.symantec.com/filtercheck/
Security Policy Reports in the CounterACT Dashboard
Beginning with version 18.0.7, the CounterACT Dashboard (for CounterACT 8.0) automatically creates a new widget for each installed Security Policy Template. The widget reports the current discovery status of the policy.
For More Information:
For additional information, please refer to Knowledge Base Article #000005514 which can be accessed via support.forescout.com using your login credentials. You can also contact [email protected] for additional questions.
© 2018. Forescout Technologies, Inc. is a Delaware corporation. The Forescout logos and trademarks can be found at https://www.forescout.com/company/legal/intellectual-property-patents-trademarks/. Other names mentioned may be trademarks of their respective owners.