Enforce user password rules
You can specify password requirements for Deep Security Manager passwords, and other settings related to user authentication.
Specify password requirements
Go to Administration > System Settings > Security. In the User Security section, you can change these settings:
- Session idle timeout: Specify the period of inactivity after which a user will be required to sign in again.
- Maximum session duration: Maximum length of time that a user can be signed into the Deep Security Manager before they'll be required to sign in again.
- Number of incorrect sign-in attempts allowed (before lock out): The number of times an individual user (i.e. with a specific username) can attempt to sign in with an incorrect password before they are locked out. Only a user with "Can Edit User Properties" rights can unlock a locked-out user (see Define roles for users).If a user gets locked out for a particular reason (too many failed sign-in attempts, for example), and no user remains with the sufficient rights to unlock that account, please contact Trend Micro for assistance.
- Number of concurrent sessions allowed per User: Maximum number of simultaneous sessions allowed per user.A note about being signed in as two users at once: Remember that Firefox sets session cookies on a per-process basis, and not on a per-window basis. This means that if for some reason you want to be signed in as two users at the same time, you will either have to use two different browsers (if one of them is Firefox), or sign in from two separate computers.
- Action when concurrent session limit is exceeded:Specifies what happens when a user reaches the maximum number of concurrent sessions.
- User password expires: Number of days that passwords are valid. You can also set passwords to never expire.
- User password minimum length: The minimum number of characters required in a password.
- User password requires both letters and numbers: Letters (a-z, A-Z) as well as numbers (0-9) must be used as part of the password.
- User password requires both upper and lower case characters: Upper and lower case characters must be used.
- User password requires non-alphanumeric characters: Passwords must include non-alphanumeric characters.
- Send email when a user's password is about the expire: Before a user's password expires, they will receive an email message. To use this feature, you must Configure SMTP settings for email notifications.
Use another identity provider for sign-on
You can also configure Deep Security to use SAML single sign-on. For details, see Configure SAML single sign-on.
Add a message to the Deep Security Manager Sign In page
On the Administration > System Settings > Security page, use Sign-In Page Message to enter text that will be displayed on the Deep Security Manager's sign in page.
Present users with terms and conditions
You can configure Deep Security Manager so that users must agree to terms and conditions before they can sign in to the Deep Security Manager.
To enable this feature, select User must agree to the terms and conditions on the Administration > System Settings > Security page. In the two text boxes, enter a title and the list of terms and conditions that will be displayed when a user clicks the Terms and Conditions link on the Sign In page.
Other Security settings
The Administration > System Settings > Security page also enables you to: