The BIG-IP appliance must be configured to enforce the limit of three consecutive invalid logon attempts by a user during a 15-minute time period.

An XCCDF Rule

Details
Profiles

Description

By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-forcing, is reduced.

ID: SV-217388r879546_rule
Version: F5BI-DM-000031
Severity: Medium
References: CCI-000044
Updated: 26 days ago

Remediation Templates

Configure the BIG-IP appliance to use an approved remote authentication server to enforce the limit of three consecutive invalid logon attempts by a user during a 15-minute time period.

The BIG-IP appliance must be configured to enforce the limit of three consecutive invalid logon attempts by a user during a 15-minute time period.

Description

Remediation Templates

A Manual Procedure