Skip to content

Riverbed Optimization System (RiOS) must enforce the limit of three (3) consecutive invalid logon attempts by a user during a 15-minute time period for device console access.

An XCCDF Rule

Description

By limiting the number of failed login attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-forcing, is reduced.

ID
SV-77349r1_rule
Version
RICX-DM-000024
Severity
Medium
References
Updated

Remediation Templates

A Manual Procedure

Configure RiOS to limit the number of invalid logon attempts to 3 during a 15 minute period.

Login to the device console to access the command line interface (CLI)

Type: enable
Type: conf t