Sec/User Mgmt: Settings Tab

Document created by RSA Information Design and Development on Sep 19, 2017Last modified by RSA Information Design and Development on Oct 2, 2017
Version 3Show Document
  • View in full screen mode
  

This topic explains the Admin > Security view > Settings tab. In the Settings tab, you configure password complexity for internal NetWitness Suite users and system-wide security parameters.

For information on configuring NetWitness Suite security, see Set Up System Security.

Password complexity requirements apply only to internal users and are not enforced for external users. External users rely on their own methods and systems to enforce password complexity.

What do you want to do?

                            
RoleI want to ...Show me how
AdminConfigure password complexityStep 1. Configure Password Complexity
AdminConfigure system-level security settingsStep 3. Configure System-Level Security Settings
Admin(Optional) Configure external authenticationStep 4. (Optional) Configure External Authentication

Related Topics

Admin Security View Settings Tab

To access the Settings tab:

  1. Go to ADMIN > Security.
    The Security view is displayed with the Users tab open.
  2. Click the Settings tab.

The following figure shows the Password Settings section of the Settings tab.

Password Settings section of the Security Settings tab

The following figure shows the Security Settings section of the Settings tab.

Security Settings section of the Settings tab

The following figure shows the PAM Authentication and Active Directory Configurations sections of the Settings tab.

PAM Authentication and Active Directory sections of the Settings tab

Password Settings

The Password Policy section enables you to configure password complexity requirements for internal NetWitness Suite users when they set their passwords.

                                                       
OptionDescription
Password will expire after <n> days The default number of days before a password expires for all internal NetWitness Suite users. A value of zero (0) disables password expiration. For new installations, the default value is 30. For upgrades, the previous value will migrate automatically to the upgraded installation.
Users will be notified <n> days prior to password expiringThe number of days before the password expiration date, to notify a user that their password is about to expire. Users receive a one-time email on the specified date before their passwords expire. They also see a Password Expiration Message dialog when they log on to NetWitness Suite. The minimum value is 1 day.
Minimum Password LengthSpecifies a minimum password length requirement for NetWitness Suite user passwords. A minimum password length prevents users from using short passwords that are easy to guess.
Uppercase Specifies a minimum number of uppercase characters for the password. This includes European language characters A through Z, with diacritic marks, Greek characters, and Cyrillic characters. For example:
  • Cyrillic uppercase: Д Ц
  • Greek uppercase: Π Λ
Lowercase Specifies a minimum number of lowercase characters for the password. This includes European language characters a through z, sharp-s, with diacritic marks, Greek characters, and Cyrillic characters. For example:
  • Cyrillic lowercase: д ц
  • Greek lowercase: π λ
Decimal DigitsSpecifies a minimum number of decimal characters (0 through 9) for the password.
Special (~!@#$%^&*_-+=`|'(){}[]:;<>,".?/)Specifies a minimum number of special characters for the password:
~!@#$%^&*_-+=`|'(){}[]:;<>,".?/
Non-Latin Alphabetic Specifies a minimum number of Unicode alphabetic characters that are not uppercase or lowercase. This includes Unicode characters from Asian languages. For example:
  • Kanji (Japanese): 頁 (leaf) 枒 (tree)
Password May Not Contain UsernameSpecifies that a password cannot contain the case-insensitive username of the user.
Force all internal users to change their passwords on the next login Forces all internal users to change their passwords the next time they log on to NetWitness Suite instead of when they create or change their passwords. Note that this setting is checked by default.
ApplyPassword strength settings take effect when NetWitness Suite users create or change their passwords. If Force all internal users to change their passwords on the next login is selected, all internal users must change their password the next time they log on to NetWitness Suite.

Security Settings

The Security Settings section enables you to configure global security settings for NetWitness Suite users.

                                 
OptionDescription
Lockout PeriodNumber of minutes to lock a user out of NetWitness Suite after the configured number of failed logins is exceeded. The default value is 20 minutes.
Max Login FailuresThe maximum number of unsuccessful login attempts before a user is locked out. The default value is 5
Session TimeoutThe maximum duration of a user session before timing out in minutes. The default value is 600. If the value is 0, there is no maximum time for a session. If the value is a positive integer, the session times out when the configured time has elapsed. The user must log in again.
Idle PeriodNumber of minutes of inactivity before a session times out. The default value is 10. If the value is 0, the session will not timeout.
Usernames are case sensitiveSelect this option if you want the Username field on the NetWitness Suite login screen to be case sensitive. For example, if usernames are case sensitive, you could use admin to log on to NetWitness Suite, but you could not use Admin.
ApplyMakes the settings become effective immediately. 

PAM Authentication

The PAM Authentication section enables you to configure NetWitness Suite to use Active Directory or PAM to authenticate and test external user logins.

                       
OptionDescription
Enable PAM AuthenticationAllows NetWitness Suite to use Pluggable Authentication Modules (PAM) to authenticate external user logons.
ApplyMakes the PAM configuration settings become effective in the next logon. 
TestPrompts for a username and password, then tests the currently enabled PAM authentication method.

Active Directory Configurations

The Active Directory Configuration section enables you to configure NetWitness Suite to use Active Directory to authenticate external user logins.

                                           
OptionDescription
EnabledEnables Active Directory authentication for NetWitness Suite users.
DomainDomain name where the Active Directory Service is located.
HostHost name or IP address where the Active Directory Service is located.
PortPort on the host that is used for Active Directory Service authentication.
SSLIndicates whether the Active Directory Service uses SSL.
Username MappingIndicates the Active Directory search field to use for username mapping. You can specify userPrincipalName (UPN) or sAMAccountName.
Follow ReferralsIndicates whether NetWitness Suite will follow LDAP referrals made by Active Directory.
UsernameIf Username is provided here, it binds to the Active Directory Service while searching Active Directory groups. This credential is not used for any other purpose.
You are here
Table of Contents > References > Sec/User Mgmt: Settings Tab

Attachments

    Outcomes