Fips Compliance; Password Control Configuration Task List; Enabling Password Control - HPE FlexNetwork 5510 HI Series Security Configuration Manual
Hide thumbs
Also See for FlexNetwork 5510 HI Series:
- Configuration manual (572 pages) ,
- Mpls configuration manual (505 pages) ,
- Layer 3 - ip routing configuration manual (486 pages)
Table of Contents
Advertisement
FIPS compliance
The device supports the FIPS mode that complies with NIST FIPS 140-2 requirements. Support for
features, commands, and parameters might differ in FIPS mode (see
non-FIPS mode.
Password control configuration task list
The password control features can be configured in several different views, and different views
support different features. The settings configured in different views or for different objects have the
following application ranges:
•
Settings for super passwords apply only to super passwords.
•
Settings in local user view apply only to the password of the local user.
•
Settings in user group view apply to the passwords of the local users in the user group if you do
not configure password policies for these users in local user view.
•
Global settings in system view apply to the passwords of the local users in all user groups if you
do not configure password policies for these users in both local user view and user group view.
For local user passwords, the settings with a smaller application scope have higher priority.
To configure password control, perform the following tasks:
Tasks at a glance
(Required.)
(Optional.)
Setting global password control parameters
(Optional.)
Setting user group password control parameters
(Optional.)
Setting local user password control parameters
(Optional.)
Setting super password control parameters
Enabling password control
To successfully enable the global password control feature and allow device management users to
log in to the device, the device must have sufficient storage space.
Enabling the global password control feature is the prerequisite for all password control
configurations to take effect. Then, for a specific password control feature to take effect, enable this
password control feature.
After the global password control feature is enabled, you cannot display the password and super
password configurations for device management users by using the corresponding display
commands. However, the configuration for network access user passwords can be displayed. The
first password configured for device management users must contain at least four different
characters.
To ensure correct function of password control, configure the device to use NTP to obtain the UTC
time. After global password control is enabled, password control will record the UTC time when the
password is set. The recorded UTC time might not be consistent with the actual UTC time due to
power failure or device reboot. The inconsistency will cause the password expiration feature to
malfunction. For information about NTP, see Network Management and Monitoring Configuration
Guide.
To enable password control:
Enabling password control
209
"Configuring
FIPS") and
- Quick Links:
- Radius
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
