The HYCU 4.1 application and server must limit the number of concurrent sessions to an organization-defined number for each administrator account and/or administrator account type.

An XCCDF Rule

Details
Profiles

Description

Device management includes the ability to control the number of administrators and management sessions that manage a device. Limiting the number of allowed administrators and sessions per administrator based on account type, role, or access type is helpful in limiting risks related to DoS attacks.

ID: SV-246819r768121_rule
Version: HYCU-AC-000001
Severity: Medium
References: CCI-000054
Updated: 3 days ago

Remediation Templates

The Web UI will only always allow one user session at a time.

For CLI, configure the operating system to limit the max number of concurrent sessions to 1 by adding the following line to "/etc/security/limits.conf":
hycu            hard    maxlogins       1

The HYCU 4.1 application and server must limit the number of concurrent sessions to an organization-defined number for each administrator account and/or administrator account type.

Description

Remediation Templates

A Manual Procedure