Secure Mobile Access 100 10.2 Administration Guide

Table of Contents

Enabling Lockout for Source IP Address

SMA appliance login security provides the lockout account by source IP address feature to protect against unauthorized login attempts on the user portal. Complete the following steps to enable the lockout for source IP address:

  1. Navigate to System > Administration.
  2. Select Enable Administrator/User Lockout, after enabled user can find the Lockout for source IP address option in the login security page.
  3. Enable Lockout for source IP address, by default this option will be disabled.

  4. After enable or disable Lockout for source IP address a pop-up confirmation appears, click OK to unlock all locked users.

  5. In the Maximum Login Attempts Per Minute field, type the number of maximum login attempts allowed before a user is locked out. The default is five attempts. The maximum is 99 attempts.
  6. In the Lockout Period (minutes) field, type a number of minutes to lockout a user that has exceeded the number of maximum login attempts. The default is five minutes. The maximum is 99999 minutes.
  7. Enter a count number for the Maximum Session Count Per User. Enter zero for unlimited session counts.
  8. Select Allow Password Reveal.
  9. Click Accept to save your changes.

Lockout for One User

If user enable Lockout for source IP address, user will not be blocked when the user use other IP address to login. the following are the scenarios to lockout for one user.

  1. Enable Lockout for source IP address
    1. Scenario 1
      1. If user login failed times more than Maximum Login Attempts Per Minute on IP xxx.xxx.xxx.A.
      2. Then login from IP xxx.xxx.xxx.B with correctly user name and password.
      3. Result: User can login successfully.
    2. Scenario 2

      1. If user login failed times more than Maximum Login Attempts Per Minute on IP xxx.xxx.xxx.A.

      2. Then login from IP xxx.xxx.xxx.B successfully.

      3. Then try to login from IP xxx.xxx.xxx.A with correctly user name and password.

      4. Result: User will still be locked in IP xxx.xxx.xxx.A.

  2. Disable Lockout for source IP address
    1. Scenario 1
      1. If user login failed times more than Maximum Login Attempts Per Minute on IP xxx.xxx.xxx.A.
      2. Then login from IP xxx.xxx.xxx.B with correctly user name and password.
      3. Result: User cannot login successfully.