Summary
Configure security preferences to control aspects of SMS login passwords, information sharing between the TMC and the SMS, and client preferences related to storing user login information and session timeout.
Details
Procedure:
- Log in to the SMS from a client.
- From the top menu select the Edit -> Preferences option from the Menu Bar. The System Preferences dialog box displays.
- Select Security.
- Select Security Level.
Security Level | Password Requirement |
Level 0 - Low Security | A password does NOT have to be defined. If you choose to define a password, any length and format is allowed. A password can NOT contain spaces. |
Level 1 - Medium Security | Passwords must contain at least 8 characters without spaces. |
Level 2 - High Security | Passwords must meet Level 1 restrictions and the following:- Must contain at least two alphabetic characters- Must contain at least one numeric character- Must contain at least one non-alphanumeric character. A non-alphanumeric character includes any character that is not a digit or a letter. Do not use spaces in the password. |
- In the Password area, select any of the following options you want to enable:
- Require Login for Web Access
- Require Password to be different from User ID
- Lock User after failed login attempts; Note: If you select this option, enter the number of failed login attempts (from 2 to 10) in the Threshold box.
- In the TMC Information Share area, select any of the following options you want to enable:
- Enable update tracking on TMC.
- Enable TMC Polling for DV and OS updates - periodically checks the TMC for updates.
- Enable ThreatLinQ Event Sharing - provides the option to hide IP Addresses in ThreatLinQ.
- Select Enable sharing CVE coverage gaps to help TippingPoint improve DV coverage to determine whether the SMS client can upload CVEs to the TMC.
- In the Client Preferences area, select any of the following options you want to enable:
- Select Allow storing the username and server used to login to this SMS to allow or prevent the client from caching login information.
- Select Timeout client session after inactivity to allow or prevent the client from ending a session after a specified period of inactivity. If enabled, use the Time field to set the number of minutes (10– 600) a user can be inactive before the session is ended.
- Select Auto reconnect client to server after a disconnect occurs to allow the SMS client to automatically reconnect to the SMS server if the client is unable to connect to the server.
- Click OK.
Reference: SMS User Guide