Session Lifetime Limits

Document created by RSA Information Design and Development on Jun 13, 2017. Last modified by RSA Information Design and Development on Jun 13, 2017.
Version 2

A session lifetime defines a session duration. Session lifetime is an important security feature because it prevents administrators from keeping sessions open indefinitely, which would leave those sessions vulnerable to unauthorized access. When you edit a session lifetime, you can change settings such as the maximum session lifetime and how long a session can be idle before the system closes it.

Each time an administrator logs on to the Security Console, Operations Console, or Self-Service Console, the following sessions are created:

Up to ten administrators can be logged on at the same time.

You can create different sets of session attributes for the primary instance and the replica instance.

Logon Session

Logon Session settings control the lifetime for sessions that are abandoned or have not completed the authentication process. These settings affect the following types of logon sessions:

  • Security Console (administrators)

  • Operations Console (administrators)

  • Self-Service Console (non-administrative)

  • Users who are authenticating through risk-based authentication (non-administrative)

The defaults for these settings are three minutes idle time-out and eight minutes of total lifetime.

EAP32 Session Lifetime

Extensible Authentication Protocol (EAP) Session settings control the initial session lifetime for EAP32 Sessions.

Console and Command API Session

The Console and Command API Session settings control the authenticated or active sessions for administrators in the web-based consoles or the command application programming interface (API). The default settings are 30 minutes idle time-out and 8 hours of total lifetime.

The Authentication Manager web-based administrative consoles are the Security Console and the Operations Console. The command API is used by programmers, web developers, or systems engineers responsible for developing custom software applications that interact with the Authentication Manager system. For information on the command API, see the RSA Authentication Manager 8.2 Developer’s Guide.
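The following added example (not RSA Authentication Manager code) shows how an idle time-out and a total lifetime interact, using the default values stated on this page. The names SessionPolicy and session_close are hypothetical, and the example assumes a session closes at the moment either limit is reached.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta


@dataclass(frozen=True)
class SessionPolicy:
    idle_timeout: timedelta   # longest allowed gap between requests
    max_lifetime: timedelta   # hard cap measured from session creation


# Default values quoted on this page.
LOGON = SessionPolicy(timedelta(minutes=3), timedelta(minutes=8))
CONSOLE_API = SessionPolicy(timedelta(minutes=30), timedelta(hours=8))


def session_close(policy, created, activity):
    """Return (close_time, reason) for a session created at `created`
    that receives requests at the sorted timestamps in `activity`.

    Assumption: a request resets the idle clock but never extends the
    total lifetime, and a request that arrives at or after the close
    time does not revive the session.
    """
    hard_stop = created + policy.max_lifetime
    last = created
    for t in activity:
        if t >= min(last + policy.idle_timeout, hard_stop):
            break                      # session was already closed
        last = t                       # request accepted, idle clock resets
    idle_stop = last + policy.idle_timeout
    if idle_stop < hard_stop:
        return idle_stop, "idle"
    return hard_stop, "lifetime"


if __name__ == "__main__":
    start = datetime(2017, 6, 13, 9, 0)            # constructed sample time
    # An administrator who clicks every 20 minutes all day (constructed).
    busy = [start + timedelta(minutes=20 * i) for i in range(1, 31)]
    print(session_close(CONSOLE_API, start, busy))   # closed by total lifetime
    # An abandoned logon page with no further requests.
    print(session_close(LOGON, start, []))           # closed by idle time-out
```

With these defaults, continuous activity never carries a console session past eight hours, and an abandoned logon session is gone after three minutes.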

 

 

