Description
A product declared end of service (EOS) by the manufacturer has been detected on the network. An EOS product indicates that the product is no longer eligible for any support, security patches, or replacement parts. Products at this stage of the product life cycle are more likely to have vulnerabilities that needs to be patched, and without service support, those vulnerabilities will remain open until the product is replaced or upgraded. Using end-of-service products also violates several compliance frameworks, like PCI and HIPAA.
Remediation
Replace or upgrade the product. Review the manufacturers statement about end of service guidelines for replacement products or contact the manufacturer. In some cases, it may be possible to negotiate a custom support plan for the EOS product.
How can this issue be resolved?
- I have fixed this
- The server on the specified IP has been removed from our network and is no longer in service.
- I have a compensating control
- This server has an extensive contract with the manufacturer for additional support for (x) years. I have provided the documentation that details this extensive support.
- This is not my IP or domain
- This does not belong to our company, it belongs to (x).
- The IP is no longer part of our network.
- I cannot reproduce this issue and I think it’s incorrect
- This server is not EOL, additional information can be found here (x), as this server is (x).