Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

 

Add_workflow_for_techpubs
AUTH2pmohan
AUTH1sbsarkar
REV5dalves
REV6radaikalam
REV3jjchen
REV1
REV2gcooper

...

borderColorgreen
bgColortransparent
borderWidth2

Back to Table of Contents

Back to Administration

...


Panel

In this section:

Table of Contents
maxLevel2

Application Management is a new tool that provides the capability to manage many security-related system settings.

On SBC main screen, go navigate to Administration > Users and Application Management > Application Management.

The Application Management window is displayeddisplays.

Caption
0Figure
1Users and Application Management - Application Management

Image Modified

Configure Accounts

This section provides you an option to disable accounts. Enter the following fields and click Save:

  • Disable after CI and EMA Users After Failed Attempts: The accounts gets disabled after successive failed attempts.
  • Disable OS Users After Failed Attempts: The Linux OS users gets blocked after certain failed attempts.
  • Disable if Account is Unused: The account gets disabled if it is not used for specific period of time.
  • Disable after no use for: The account gets disabled after the number of days mentioned for this parameter.

Configure Password

This section provides an option to configure passwords for users. It also specifies the criteria to establish a good password to access the EMA. Enter the following fields and click Save:

  • Enable Password Expiration: If this field is enabled, every password will have an expiration date.
  • Expire Password after: Specifies the number of days to retain the existing password. After which, the password gets expired. The value ranges from 30 to 180 days and the default value is 90 days.
  • Warn User of Expiring Password: The system warns the user of expiring password prior to the number of days mentioned against this field. The default value is 12 days.
  • Prevent Reuse of Last: This field prevents the user from re-using the last few passwords (last 4 passwords).
  • Min Length: Specifies the minimum number of characters in a password. The default value is 8 characters.
  • Min Uppercase Characters: Specifies the minimum number of uppercase characters that can be used to create the password. Minimum required is 1 Uppercase character.
  • Min Special Characters: Specifies the minimum number of special characters that are allowed in a password. Minimum required is 1 Special character.
  • Min Digits: Specifies the minimum number of digits that are allowed in a password. Minimum required is 1 Digit.
  • Max Consecutive Repeats of Character: Specifies the number of times a character can be reused in a password. A maximum of 3 consecutive repeats are allowed.
  • Min Number of Characters Different than Previous Password: Specifies the number of characters that should be different from the last password created. Allowed number of characters are 4.

The following table describes the minimum, maximum and default values to configure the password:

Caption
0Table
1Password Rules
Parameter NameRangeDefault / Required
Expire Password after30-180 days90 days
Warn User of Expiring PasswordNA12 days
Prevent Reuse of LastNA4 passwords

Min Length

8-24 characters

8 characters (required)

Min Uppercase Chars

NA1 character (required)
Min Special CharactersNA1 character (required)
Min DigitsNA1 digit (required)
Max Consecutive Repeats of CharacterNA3 repeats (max)
Min Number of Characters Different than Previous PasswordNA4 characters (min)
  • - If checked, the following options display:
    • Disable Account afterconsecutive failed logins - Number of failed attempts after which the SBC Users account gets locked temporarily.
    • If Failed Logins Disable Account - If the account is disabled, the following options are presented to ensure the account gets unlocked:
      • Enable after seconds - The number of seconds after which the SBC Users account is automatically enabled and is available for login.
      • Require Admin to enable - The administrator must manually enable the SBC Users disabled account.

  • Disable OS Users After Failed Attempts - If checked, the following options display:
    • Disable Account afterconsecutive failed logins - Number of failed attempts after which the Linux OS Users account gets locked temporarily.
    • If Failed Logins Disable Account - If the Linux OS Users account is disabled, the following options are presented to ensure the account gets unlocked:
      • Enable after seconds - The number of seconds after which the Linux OS Users account is automatically enabled and is available for login.
      • Require Admin to enable - The administrator must manually enable the disabled Linux OS Users account.
  • Disable CLI and EMA Users Account if Unused - If checked, the following option displays: 
    • Disable CLI and EMA Users After No Use For - Number of days for which the SBC waits since the last use of an SBC user's account, before disabling the account.

  • Disable OS Users if Account is Unused - If checked, the following option displays: 
    • - Number of days for which the SBC waits since the last use of an OS user's account, before disabling the account.

  • Remove Account if Disabled and Unused - If checked, the following option displays: 
    • Remove After No use for - Number of days for which the SBC waits after an account is unused and disabled, before removing the account.

 

Configure Sessions

You can configure the options for sessions in this section. You can set the number of sessions allowed for each user along with the time for each session to be alive.

...

  • Limit Sessions to: You can limit the number of sessions assigned to each user. The maximum sessions for a user is 5.
  • Force Session Timeout: The application closes once the session time expires.

Note

It is recommended that Force Session Time option is always checked. This allows the software to automatically clean up the abandoned browser sessions after the specified timeout period. An abandoned browser session occurs when the user closes the browser without logging out of the application. If Force Session Timeout is unchecked, these abandoned sessions are not cleaned up and cause the user to reach their maximum number of allowed sessions.

 

  • End Session after: Specify the time in minutes after which the session times out.

 

 

Configure Login Banner

This section provides an option to configure your own banner which would appear displays on the Login screen of the EMA for all your users. Follow these the steps below and click Save:

  1. Enable Show Login Banner option to display all fields.
  2. Enable Require User to Acknowledge Banner before Loggin Logging in option to receive acknowledgement from the users every time they try to login.
  3. Enter your text that should be displayed as Banner in the text box next to Banner Text option.

Once the changes are saved, the Banner text will appear displays on the login screen.

Configure Password

This section provides an option to configure passwords for users. It also specifies the criteria to establish a good password to access the EMA. Enter the following fields and click Save:

  • Use Separate Password Rules for Administrators - If checked, separate password rules can be configured for Administrators and other types of users. The password rules are configured based on the following parameters:

    Caption
    0Table
    1Password Rule Parameters
    ParameterRangeDefault/RequiredDescription
    Prevent Reuse of LastNA4 passwordsThis field prevents the user from re-using the last few passwords.
    Min Length8-24 characters

    8 characters (required)

     
    Specifies the minimum number of characters in a password.
    Min Uppercase CharactersNA1 character (required)Specifies the minimum number of uppercase characters that can be used to create the password.
    Min Special CharactersNA1 character (required)Specifies the minimum number of special characters that are allowed in a password.
    Min DigitsNA1 digit (required)Specifies the minimum number of digits that are allowed in a password.
    Max Consecutive Repeats of CharacterNA3 repeats (max)Specifies the number of times a character can be reused in a password.
    Min Number of Characters Different than Previous PasswordNA4 character (min)Specifies the number of characters that should be different from the last password created.

 

  • Enable Password Expiration for CLI and EMA Users: If checked, every password will have an expiration date. Also, the following options display:


Caption
0Table
1Password Expiration
Parameter NameRangeDefault / Required
Expire Password after30-180 days90 days
Warn User of Expiring Password3-14 days12 days

 

  • Enable Password Expiration for OS Users - If checked, passwords of Linux OS users also gets expired after a set number of days.

  • Minimum Number of Days Before Password can be Changed -The value for this field denotes the minimum number of days (1 - 365 days) before the password can be changed. Counting starts from the day of changing the password for the last time. The default value is 1 day.

 

Disallowed Password Word List

To Create New Disallowed Password Word

To create a new disallowed password, click the Image Added button.

The Create New Disallowed Password Word frame displays.

Caption
0Figure
1Create New Disallowed Password Word

Image Added

 

The description of the parameter is given below:

Caption
0Table
1Create New Disallowed Password Word - Parameter Description
ParameterDescription
Word

A word (1-23 characters) which is not allowed as password.

 

Provide the word that is disallowed as password, and click Save. Click Undo Edits to cancel all changes.

Note
  • The number of words allowed in the dictionary is 0 (empty) to 5000.
  • A word is defined as a string of up to 255 ASCII characters.

 

To Edit Disallowed Password Word

To edit a disallowed password, select the password from the Disallowed Password Word List frame.

Caption
0Figure
1Select Disallowed Password Word

Image Added

 

The Edit Disallowed Password Word frame appears.

Caption
0Figure
1Edit Disallowed Password Word

Image Added

 

Make necessary changes in the disallowed word, and click Save. Click Undo Edits to cancel all changes.

To Copy Disallowed Password Word

To copy a disallowed password, select the disallowed password from the Disallowed Password Word List frame, and click the Image Added button.

The Copy Disallowed Password Word frame appears.

Caption
0Figure
1Copy Disallowed Password Word

Image Added

 

Make necessary changes in the disallowed word, and click Save. Click Undo Edits to cancel all changes.

To Delete Disallowed Password Word

To delete a disallowed password, select the disallowed password from the Disallowed Password Word List frame, and click the Delete symbol at the end of the selected row.

A pop-up displays seeking confirmation to proceed with the deletion.

Caption
0Figure
1Delete Confirmation for Disallowed Password

Image Added 

 

Click Yes to finish deletion.