Rule ID
SV-230935r1113787_rule
Version
V2R3
CCIs
CCI-000050
The banner must be acknowledged by the administrator prior to the device allowing the administrator access to the network device. This provides assurance that the administrator has seen the message and accepted the conditions for access. If the consent banner is not acknowledged by the administrator, DOD will not be in compliance with system use notifications required by law. To establish acceptance of the network administration policy, a click-through banner at management session logon is required. The device must prevent further activity until the administrator executes a positive action to manifest agreement. In the case of CLI access using a terminal client, entering the username and password when the banner is presented is considered an explicit action of acknowledgement. Entering the username, viewing the banner, then entering the password is also acceptable. The web management tool configuration setting works for both the CLI and the web management tool.
Verify Forescout retains the Standard Mandatory DOD-approved Notice and Consent Banner on the screen until users acknowledge the usage conditions and takes explicit actions to log on for further access. Attempt to log on to the Forescout device as a system administrator using the web management tool. If Forescout does not retain the Standard Mandatory DOD-approved Notice and Consent Banner on the screen until users acknowledge the usage conditions and take explicit actions to log on for further access, this is a finding.
Configure banner retention. 1. From the UI, select Tools >> Options >> CounterACT User Profiles >> Password and Sessions. 2. Select the "Login" tab and check the "Before login, prompt user to accept these Terms and Conditions". 3. Select "Apply" to save the settings.