Filter
Top Products
Management
Management tool
Security policies
The default security policy is the US Government FIPS-140-2 guidelines (Federal
Information Processing Standard); however, PCI DSS 1.2 guidelines (Payment Card
Industry Data Security Standard) are also supported. The selected security policy affects the
login rules in the following ways:
FIPS-140-2 guidelines
The only part of the FIPS-140-2 guidelines that is supported is:
Passwords must be at least six characters long.
Passwords must contain at least four different characters.
PCI DSS 1.2 guidelines
Passwords must be a minimum of seven characters.
Passwords must contain both numeric and alphabetic characters.
Users must be locked out after not more than six failed attempts.
The lockout duration must be at least thirty minutes or until a manager enables the user
ID.
A user must log in again If a session has been idle for more than 15 minutes.
Security
The management tool is protected by the following security features:
Allowed IP address: You can configure a list of subnets from which access to the
management tool is permitted.
Active interfaces: You can enable or disable access to the management tool for each of
the following:
LAN port
Internet port
VPN
VLAN/GRE.
These settings also apply when SSH is used to access the command line interface.
4-6