Security Mode Configuration
Fixed Switch Configuration Guide 26-3
Security Mode and User Authentication and Passwords
The switch ensures that passwords are safeguarded during transit and while in storage using FIPS
140-2 commercial encryption provided by the FIPS module.
Password feature behavior and defaults differ depending on the security mode of the switch. The
default values for user account and password parameters are listed in the following table by the
security mode of the switch.
Refer to Chapter 5, User Account and Password Management for more information about
creating and managing user accounts and passwords.
Security Mode and System Logging
Security audit logging provides a mechanism to generate a separate and secure log file, in
addition to the previously existing unsecured log file (“current.log”). Refer to “About Security
Audit Logging” on page 14-6 for information about the secure permanent log file (secure.log) and
set/clear snmp targetaddr Read-Write Super User
set/clear snmp notify Read-Write Super User
set/clear snmp notifyfilter Read-Write Super User
set/clear snmp notifyprofile Read-Write Super User
Table 26-1 SNMP Commands Affected by Security Mode Settings (continued)
Commands
Access When Security Mode Setting Is:
Normal C2
Table 26-2 User Account and Password Parameter Defaults by Security Mode
Parameter Normal Mode Default C2 Mode Default
Password history 0 (no history) 8 previous passwords
Password change frequency 0 (no waiting) 1440 minutes (24 hours)
Minimum number of characters in password 8 9
Allow consecutively repeating characters in
password
yes 2 characters
Aging of system passwords disabled 90 days
Password required at time of new user account
creation
no yes
Substring matching at password validation 0 (no checking) 0 (no checking)
New users required to change password at first
log in
no yes
Lockout based on inactivity 0 (no activity checking) 90 days of inactivity
Lockout based on failed login attempts 3 failed attempts 3 failed attempts
Lockout period duration after unsuccessful log ins 15 minutes 1 minute
Grace period after password expiration 0 30 days
Grace login limit 0 3
Warning period 20 days 20 days
To Next Page
Loading...
Need help?
General