IBM Aspera Console must prevent concurrent logins for all accounts.

An XCCDF Rule

Description

<VulnDiscussion>Limiting the number of current sessions per user is helpful in limiting risks related to DoS attacks. This requirement addresses concurrent sessions for information system accounts and does not address concurrent sessions by single users via multiple system accounts. The maximum number of concurrent sessions must be the same as the requirements specified for the application for which it serves as intermediary. This policy only applies to application gateways/firewalls (e.g., identity management or authentication gateways) that provide user account services as part of the intermediary services.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID: SV-252566r817868_rule
Severity: Medium
References: CCI-000054
Updated: about 1 year ago

Configure IBM Aspera Console to prevent concurrent logins for all accounts: 

- Log in to the IBM Aspera Console web page as a user with administrative privilege. 
- Select the "Configuration" tab.
- Select the "Defaults" tab.
- Scroll down to the "Security" section.- Put a check the "Prevent concurrent login" check box.
- Select "Save" at the bottom of the page.

IBM Aspera Console must prevent concurrent logins for all accounts.

Description

Remediation - Manual Procedure