Cisco Systems 15600 DLP-E131 Change Security Policy on Multiple Nodes

17-27

Cisco ONS 15600 Procedure Guide, R8.0

Chapter17 DLPs E100 to E199

DLP- E131 Change Security Policy on Multiple Nodes

Step 3 In the User Lockout area, you can modify the following:

•Failed Logins Before Lockout—Choose the number of failed login attempts a user can make before

the user is locked out from the node. You can choose a value between 0 and 10.

•Manual Unlock by Superuser—Check this box if you want to allow a user with Superuser privileges

to manually unlock a user who has been locked out from a node. The user will remain locked out

until a Superuser manually unlocks the user.

•Lockout Duration—Choose the amount of time the user will be locked out after a failed login. You

can choose a value between 0 and 10 minutes, and 0 and 55 seconds (in five-second intervals).

Step 4 In the Password Change area, you can modify the following:

•Require [nn] different passwords...—Choose a value between 0 and 10 to determine how many

different passwords have to be created before a password can be reused.

•...or a waiting period of [nn] days before password reuse—Choose a value between 0 and 30 days

to set the amount of time (in days) before a password can be reused.

Note “Require [nn] different passwords or a waiting period of [nn] days before password reuse” is an

OR statement, meaning that either one of the two conditions that you set can be satisfied for a

password to be reused.

Step 5 In the Concurrent Logins area, click Single Session Per User if you want to limit users to a single login

session.

Step 6 Click Apply. Confirm that the changes appear; if not, repeat the task.

Step 7 Return to your originating procedure (NTP).

DLP-E131 Change Security Policy on Multiple Nodes

Step 1 From the View menu, choose Go To Network View.

Step 2 Click the Provisioning > Security > Policy tabs. A read-only table of nodes and their policies appears.

Step 3 Click a node on the table that you want to modify, then click Change.

Step 4 In the Idle User Timeout area, you can modify the timeout times for each security level by clicking the

hour (H) and minute (M) arrows. You can choose values between 0 and 16 hours and 0 and 59 minutes.

Step 5 In the User Lockout area, you can modify the following:

•Failed Logins Before Lockout—Choose the number failed login attempts a user can make before the

user is locked out from the node. You can choose a value between 0 and 10.

Purpose This task changes the security policy for multiple nodes including idle user

timeouts, user lockouts, password change, and concurrent login policies.

Tools/Equipment None

Prerequisite Procedures DLP-E26 Log into CTC, page 16-33

Required/As Needed As needed

Onsite/Remote Onsite or remote

Security Level Superuser