The Cisco ISE must limit the number of CLI and GUI sessions to an organization-defined number.

An XCCDF Rule

Description

Device management includes the ability to control the number of management sessions that manage a device. Limiting the number of allowed sessions is helpful in limiting risks related to DoS attacks. This requirement addresses concurrent sessions for administrative access. The maximum number of concurrent sessions should be defined based upon mission needs and the operational environment for each system. At a minimum, limits must be set for SSH and HTTPS sessions.

ID: SV-242607r1025177_rule
Version: CSCO-NM-000010
Severity: Low
References: CCI-000054
Updated: 3 days ago

Remediation Templates

Configure the concurrent sessions for the CLI and GUI. 

From web admin portal:
1. Choose Administration >> System >>Admin Access >> Settings >> Access.
2. Configure the "Maximum Concurrent Sessions" under "GUI" to be the organization-defined number.
3. Configure the "Maximum Concurrent Sessions" under "CLI" to be one.

The Cisco ISE must limit the number of CLI and GUI sessions to an organization-defined number.

Description

Remediation Templates

A Manual Procedure