PCI DSS 3.2 Requirement 8: Identify and Authenticate Access to System Components

Applies to Product: USM Appliance™ LevelBlue OSSIM®

Testing Procedure

How USM Appliance Delivers

USM Appliance Instructions

USM Appliance Documentation

8.1.6.a For a sample of system components, inspect system configuration settings to verify that authentication parameters are set to require that user accounts be locked out after not more than six invalid logon attempts.

In USM Appliance you can view bruteforce logon events to see whether they trigger an account lockout, or view account lockout events to see how many times the user failed to log on.

USM Appliance will generate bruteforce authentication alarms.

Observe USM Appliance bruteforce authentication alarms for notification of login attempts that exceed lockout limitations.

Reviewing Alarms as a List

8.1.7 For a sample of system components, inspect system configuration settings to verify that password parameters are set to require that once a user account is locked out, it remains locked for a minimum of 30 minutes or until a system administrator resets the account.

In USM Appliance you can view bruteforce logon events to see whether they trigger an account lockout, or view account lockout events to see how many times the user failed to log on.

USM Appliance detects account lockouts and provides visibility into the subsequent login to verify that the minimum lockout duration is satisfied.

Security Events Views

8.5.a For a sample of system components, examine user ID lists to verify the following:
• Generic user IDs are disabled or removed.
• Shared user IDs for system administration activities and other critical functions do not exist.
• Shared and generic user IDs are not used to administer any system components.

Configure Vulnerability Scans in USM Appliance to test security parameters for Linux and Windows servers.

Create a custom scan profile, and in the "Autoenable plugins" option, select "Autoenable by family". Then enable the appropriate checks in the scanning profile for the target host.

Creating a Custom Scan Profile

Run a Vulnerability Scan using the custom scan profile that was created.

Vulnerability Scans

Export successful scan results and identify findings to determine whether the system is configured correctly.

Viewing the Scan Results
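
The two event reviews described for 8.1.6.a and 8.1.7, sketched as an added example that is not USM Appliance code: it replays authentication events per account and reports accounts that exceed six failed logons without a lockout, or that log on again less than 30 minutes after a lockout with no administrator reset. The event tuple layout and the kind names (`fail`, `lockout`, `admin_reset`, `success`) are assumptions, and the sample events are constructed.

```python
from collections import defaultdict
from datetime import datetime, timedelta

MAX_FAILURES = 6                     # 8.1.6: lock out after not more than six attempts
MIN_LOCKOUT = timedelta(minutes=30)  # 8.1.7: stay locked at least 30 minutes

def _fails(account, start, count):
    """Build `count` constructed failed-logon events, 10 seconds apart."""
    t0 = datetime.fromisoformat(start)
    return [((t0 + timedelta(seconds=10 * i)).isoformat(), account, "fail")
            for i in range(count)]

# Constructed sample events as (ISO time, account, kind). This layout is an
# assumption for the example, not a USM Appliance export format.
SAMPLE_EVENTS = (
    _fails("alice", "2024-05-01T09:00:00", 6)
    + [("2024-05-01T09:01:00", "alice", "lockout"),
       ("2024-05-01T09:45:00", "alice", "success")]      # 44 min later: fine
    + _fails("bob", "2024-05-01T10:00:00", 8)            # never locked out
    + _fails("carol", "2024-05-01T11:00:00", 3)
    + [("2024-05-01T11:01:00", "carol", "lockout"),
       ("2024-05-01T11:11:00", "carol", "success")]      # only 10 min later
    + _fails("dave", "2024-05-01T12:00:00", 4)
    + [("2024-05-01T12:01:00", "dave", "lockout"),
       ("2024-05-01T12:06:00", "dave", "admin_reset"),   # reset permits early login
       ("2024-05-01T12:07:00", "dave", "success")]
)

def audit_lockouts(events):
    """Return sorted (account, requirement, detail) findings."""
    fails = defaultdict(int)  # failures since the last success, lockout or reset
    locked_at = {}            # account -> time of a lockout not yet cleared
    findings = set()
    for stamp, account, kind in sorted(events):
        ts = datetime.fromisoformat(stamp)
        if kind == "fail":
            if account not in locked_at:  # failures while locked are expected
                fails[account] += 1
                if fails[account] > MAX_FAILURES:
                    findings.add((account, "8.1.6", "more than six failures without lockout"))
            continue
        if kind == "lockout":
            locked_at[account] = ts
        elif kind == "admin_reset":
            locked_at.pop(account, None)
        elif kind == "success":
            start = locked_at.pop(account, None)
            if start is not None and ts - start < MIN_LOCKOUT:
                mins = int((ts - start).total_seconds() // 60)
                findings.add((account, "8.1.7", f"login {mins} min after lockout without admin reset"))
        fails[account] = 0
    return sorted(findings)
```

Calling `audit_lockouts(SAMPLE_EVENTS)` reports `bob` against 8.1.6 and `carol` against 8.1.7; `alice` and `dave` produce no findings.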