Sec/User Mgmt: Step 3. Configure System-Level Security Settings

Document created by RSA Information Design and Development on Mar 23, 2017Last modified by RSA Information Design and Development on Apr 7, 2017
Version 2Show Document
  • View in full screen mode
  

This topic explains how to set system-wide security parameters.

Most global security settings, such as the maximum number of failed login attempts to allow, apply to all Security Analytics users and sessions.  Settings related to password expiration, such as password expiration period and the default number of days before user passwords expire, apply to internal Security Analytics users, but not external users.

In addition to specifying the global default user expiration period, you can specify if and when internal Security Analytics users receive notification that their passwords are about to expire. The password expiration notification consists of a one-time email and password expiration messages when they log on to Security Analytics.

Configure Security Settings

  1. In the Security Analytics menu, select Administration > Security.
    The Security view is displayed with the Users tab open.
  2. Click the Settings tab.
  3. In the Security Settings section, specify values for the fields as described in the following table.

                                           
    FieldDescription
    Lockout PeriodNumber of minutes to lock a user out of Security Analytics after the configured number of failed logins is exceeded. The default value is 20 minutes.
    Idle PeriodNumber of minutes of inactivity before a session times out. The default value is 60. If the value is 0, the session will not timeout.
    Session TimeoutThe maximum duration of a user session before timing out  The default value is 600. If the value is 0, there is no maximum time for a session. If the value is a positive integer, the session times out when the configured time has elapsed. The user must log in again.
    Case Insensitive User NameSelect this option if you want the RSA Security Analytics Username field on the login screen to be case insensitive. For example, you could use Admin or admin to log on to Security Analytics.
    Max Login FailuresThe maximum number of unsuccessful login attempts before a user is locked out. The default value is 5
    Global Default User Password Expiration PeriodThe default number of days before a password expires for all internal Security Analytics users. A value of zero (0) disables password expiration.  For upgrades and new installations, the default value is zero (0).
    Notify User <n> Days Prior to Password ExpiryThe number of days before the password expiration date, to notify a user that their password is about to expire. Users receive a one-time email on the specified date before their passwords expire. They also see a Password Expiration Message dialog when they log on to Security Analytics.
    A value of zero (0) disables automatic password expiration notification. If you set the Global Default User Password Expiration Period to zero (0), users do not receive automatic password expiration notifications. 
  4. Click Apply. The Security Settings take effect immediately. If a password expires, the user receives a prompt to change the password when they log on to Security Analytics.
You are here
Table of Contents > Set Up System Security > Step 3. Configure System-Level Security Settings

Attachments

    Outcomes