No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Administrator Guide 15

OceanStor 5300 V3, 5500 V3, 5600 V3, 5800 V3, and 6800 V3 Storage System V300R003

Routine maintenance activities are the most common activities for the storage device, including powering on or off the storage device, managing users, modifying basic parameters of the storage device, and managing hardware components. This document applies to the system administrators who are responsible for carrying out routine maintenance activities, monitoring the storage device, and rectifying common device faults.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Configuring a Security Policy (Applicable to V300R003C20)

Configuring a Security Policy (Applicable to V300R003C20)

Security policies include the username policy, password policy, login policy and advanced settings.

Procedure

  1. Log in to DeviceManager.
  2. Choose Settings > Permission Settings > Security Policies.
  3. Configure the username policy, password policy, login policy and advanced settings.

    Table 3-5, Table 3-6, Table 3-7 and Table 3-8 describe the related parameters.



    Table 3-5  Username policy parameters

    Parameter

    Description

    Value

    Min. Length

    Minimum username length. A complex username is recommended.

    [Value range]

    Its value is an integer ranging from 5 to 32.

    [Default]

    6

    Table 3-6  Password policy parameters

    Parameter

    Description

    Value

    Min. Length

    Minimum length of the user password. A complex password is recommended.

    [Value range]

    Its value is an integer ranging from 8 to 32.

    [Default]

    8

    Max. Length

    Maximum length of the user password. This parameter prevents administrators from configuring lengthy passwords.

    [Value range]

    Its value is an integer ranging from 8 to 32.

    [Default]

    16

    Complexity

    Complexity of the user password. A complex password is recommended.

    [Value range]

    Must contain special characters and any two types of uppercase letters, lowercase letters and digits or Must contain special characters, uppercase letters, lowercase letters, and digits

    [Default]

    Must contain special characters and any two types of uppercase letters, lowercase letters, and digits

    Number of Duplicate Characters

    Maximum number of consecutive duplicate characters.

    [Value range]

    Its value is Not limited or an integer ranging from 1 to 9.

    [Default]

    3

    Number of Retained Historical Passwords

    Number of retained historical passwords for an account. New passwords must be different from retained historical passwords. If the value is 0, the number is not limited.

    [Value range]

    Its value is an integer ranging from 0 to 30.

    [Default]

    3

    Password Validity Period (days)

    Setting of the password's validity period. You are advised to enable Password Validity Period (days).

    After Password Validity Period (days) is enabled, you need to set the password validity period to a specific number of days. The system prompts you to change the password in a timely manner.

    NOTE:

    If this parameter is not selected, the password will never expire. To ensure storage system security, you are advised to select and set this parameter.

    [Value range]

    Its value is an integer ranging from 1 to 999.

    [Default]

    90

    Password Expiration Warning Period (days)

    Number of days prior to password expiration when the user receives a warning message.

    [Value range]

    Its value is an integer ranging from 1 to 99.

    [Default]

    7

    Password Change Interval (minutes)

    The minimum period of time required between the setting and resetting of a password.

    [Value range]

    Its value is an integer ranging from 1 to 9999.

    [Default]

    5

    The new password cannot be the default password

    New password of super administrator admin cannot be the default password.

    [Default]

    Disable

    Table 3-7  Login policy parameters

    Parameter

    Description

    Value

    Session Timeout Duration (minutes)

    Indicates the duration in which no operations are performed. Then the system prompts the user the timeout message. After you click OK in the event of timeout, the system returns to the login page.

    [Value range]

    Its value is an integer ranging from 1 to 100.

    [Default]

    30

    Password Lock

    Locking of a user if the number of incorrect passwords consecutively input by the user exceeds Number of Incorrect Passwords within 5 minutes.
    NOTICE:

    Security risks arise if you disable the password lock. You are advised to enable password lock.

    [Default]

    Enabled

    Number of Incorrect Passwords

    Times allowed for consecutively entering incorrect passwords. When entries of incorrect passwords exceeds the Number of Incorrect Passwords value, the user is automatically locked.

    NOTE:
    • This parameter is available only when Password Lock is enabled.
    • After a user is locked, the super administrator can manually unlock the user. If Lock Mode is Temporary, the user is automatically unlocked after the lockout period elapses.

    [Value range]

    Its value is an integer ranging from 1 to 9.

    [Default]

    3

    Lock Mode

    Mode of automatically locking a user.
    • If you select Permanent, the administrator or read-only user will be permanently locked, but the super administrator will be automatically unlocked after being locked for 15 minutes.
    • If you select Temporary, you can set the locking duration of the user.

    [Default]

    Temporary

    Automatic Unlock in (minutes)

    Duration of user locking. After the lockout duration expires, the locked user is automatically unlocked.
    • This parameter is available only when Password Lock is enabled and Lock Mode is Temporary.
    • This parameter is available only when the user is automatically locked. A manually locked user can be manually unlocked only.
    • This parameter is available to administrators and read-only users only. The super administrator will be automatically unlocked after being locked for 15 minutes whether you choose Permanent or Temporary.
    • When the value ranges from 3 to 15 minutes, it takes effect for super administrators, administrators, and read-only users. When the value is longer than 15 minutes, it takes effect only for administrators and read-only users, and super administrators will be automatically unlocked after being locked for 15 minutes.

    [Value range]

    Its value is an integer ranging from 3 to 2000.

    [Default]

    5

    Lock Account When Idle

    A system account will be locked if it is not used for login and the idle period exceeds the number of days.

    [Default]

    Disable

    Idle Period (days)

    Number of days that constitutes a system account being idle.

    [Value range]

    Its value is an integer ranging from 1 to 999.

    [Default]

    60

    Login Security Info

    After a user logs in, information about the last login (including the login time and IP address) is displayed to enhance security.

    [Default]

    Disable

    User-Defined Info

    After an account logs in successfully, an alarm is displayed showing the preset information.

    [Default]

    Disable

    Info

    Information that appears upon a user account's successful login.

    [Value range]

    The information contains 1 to 511 characters.

    [Example]

    Login successful

    Table 3-8  Advanced settings parameters

    Parameter

    Description

    Value

    User Account Audit

    Periodically audit the number and permission of user accounts to ensure account security.

    [Default]

    Disable

    Audit Period (days)

    Periodically audits the period of an account.

    [Value range]

    Its value is an integer ranging from 0 to 999.

    [Default]

    120

  4. Confirm the operation.
    1. Click Save.

      The Execution Result dialog box is displayed, indicating that the operation succeeded.

    2. Click Close.
Translation
Download
Updated: 2019-04-17

Document ID: EDOC1000084191

Views: 85980

Downloads: 2300

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next