In our environment we have installed Application Control and Forescout in our NAC deployment, our NAC uses the Forescout agent, the agent will ***** the system and let the system access to the network or block the access based on the result of the assesment.
But we are getting block messages, execution denied when the forescout agent execute some tasks. The problem is that the user who execute that is SYSTEM, and we can't set a proper policy in order to let the .bat run properly, Any ideas? There is some documentation about MAC and Forescout? Someone got this issues too?
Looks like these scripts are being generated temporarily. Is Forescout agent generating these? If yes, then that should be the updater.
Can you check in your Policy discovery console for any Forescout binaries being suggested for updater Policy?