10
Security Best Practice Guide
Additional Configuration
Recommendations for Security Best
Practices
• Prohibit Saving Username and Password
• Hide Domain List on Portal Login Page
• Enable HTTP Strict Transport Security (HSTS) for SMA
• Enforce Login Uniqueness
• Enforce Client Source Uniqueness
• Enable “Login Schedule”
• Enable “Logout Schedule”
• Enforce Password Complexity
• Enable Client Certificate Enforcement (Advanced Security Feature)
• Restrict Request Headers
• Use a Public Certificate
• Allow Touch ID and Face ID on Mac, Apple IOS and Android Devices
• Disconnection on Inactivity Timeout
• Disable the Default Admin Account
• Allow Policy Match Logging
• Setup Connection Policies
• Device Registration
• End Point Control
• GEO IP Fencing
• Capture ATP for the SMA 100 Series
To Next Page
