beautypg.com

Dlp-e131 change security policy on multiple nodes – Cisco 15600 User Manual

Page 27

background image

17-27

Cisco ONS 15600 Procedure Guide, R8.0

Chapter 17 DLPs E100 to E199

DLP- E131 Change Security Policy on Multiple Nodes

Step 3

In the User Lockout area, you can modify the following:

Failed Logins Before Lockout—Choose the number of failed login attempts a user can make before
the user is locked out from the node. You can choose a value between 0 and 10.

Manual Unlock by Superuser—Check this box if you want to allow a user with Superuser privileges
to manually unlock a user who has been locked out from a node. The user will remain locked out
until a Superuser manually unlocks the user.

Lockout Duration—Choose the amount of time the user will be locked out after a failed login. You
can choose a value between 0 and 10 minutes, and 0 and 55 seconds (in five-second intervals).

Step 4

In the Password Change area, you can modify the following:

Require [nn] different passwords...—Choose a value between 0 and 10 to determine how many
different passwords have to be created before a password can be reused.

...or a waiting period of [nn] days before password reuse—Choose a value between 0 and 30 days
to set the amount of time (in days) before a password can be reused.

Note

“Require [nn] different passwords or a waiting period of [nn] days before password reuse” is an
OR statement, meaning that either one of the two conditions that you set can be satisfied for a
password to be reused.

Step 5

In the Concurrent Logins area, click Single Session Per User if you want to limit users to a single login
session.

Step 6

Click Apply. Confirm that the changes appear; if not, repeat the task.

Step 7

Return to your originating procedure (NTP).

DLP-E131 Change Security Policy on Multiple Nodes

Step 1

From the View menu, choose Go To Network View.

Step 2

Click the Provisioning > Security > Policy tabs. A read-only table of nodes and their policies appears.

Step 3

Click a node on the table that you want to modify, then click Change.

Step 4

In the Idle User Timeout area, you can modify the timeout times for each security level by clicking the
hour (H) and minute (M) arrows. You can choose values between 0 and 16 hours and 0 and 59 minutes.

Step 5

In the User Lockout area, you can modify the following:

Failed Logins Before Lockout—Choose the number failed login attempts a user can make before the
user is locked out from the node. You can choose a value between 0 and 10.

Purpose

This task changes the security policy for multiple nodes including idle user
timeouts, user lockouts, password change, and concurrent login policies.

Tools/Equipment

None

Prerequisite Procedures

DLP-E26 Log into CTC, page 16-33

Required/As Needed

As needed

Onsite/Remote

Onsite or remote

Security Level

Superuser

See also other documents in the category Cisco Computer Accessories: