STIGhubSTIGhub
STIGsSearchCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 5 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to Forescout Network Access Control Security Technical Implementation Guide

V-233317

CAT II (Medium)

When devices fail the policy assessment, Forescout must create a record with sufficient detail suitable for forwarding to a remediation server for automated remediation or sending to the user for manual remediation. This is required for compliance with C2C Step 3.

Rule ID

SV-233317r811383_rule

STIG

Forescout Network Access Control Security Technical Implementation Guide

Version

V2R4

CCIs

CCI-000213

Discussion

Notifications sent to the user and/or network administrator informing them of remediation requirements will ensure that action is taken.

Check Content

If DoD is not at C2C Step 3 or higher, this is not a finding.

Verify Forescout sends user and/or admin notification of remediation requirements, whether manual or automated.

If the NAC does not flag for future manual or automated remediation, devices failing policy assessment that are not automatically remediated either before or during the remote access session, this a finding.

Fix Text

Log on to the Forescout UI. 

1. Within the Policy tab, locate the Compliance policies. 
2. Within the policy Sub-Rule, ensure all policies that indicate remediation have been configured to notify the user and/or network administrator of required action.