Personal Agent And Provisioning Client - Nortel 5100 Release Note

Nortel 5100 router-firewall: release note

Hide thumbs Also See for 5100:

Programming reference manual (452 pages)

User manual (264 pages)

Supplementary manual (106 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

page of 112

/ 112
Contents
Table of Contents
Bookmarks

Table of Contents

Personal Agent and Provisioning Client

Two additional protection mechanisms are provided to defend against

brute force and dictionary password attacks to the Personal Agent and

Provisioning Client. These are user account lockouts and Denial of Service

attack protection.

After the number of failed authentication attempts occurs, the subscriber or

administrator account is temporarily locked out. During the lockout, access

to the Provisioning Client or Personal Agent is denied. When the lockout

period expires, the lockout is cleared.

The number of failed attempts does not persist in permanent memory and

do not survive a software or hardware restart. The number of failed attempts

is not synchronized between different instances of the Provisioning Client or

Personal Agent, and each instance keeps a separate counter.

Denial of service (DoS) attacks cause a temporary blocking of the

HTTP/HTTPS requests from a particular source. When an abnormal

rate of trafﬁc is detected, the system drops all HTTP requests from the

particular source. The requests do not reach the Web applications. For

more information about DoS attack protection, see

mitigation" (page

Provisioning Client

The Provisioning Client failed authentication threshold and lockout duration

are conﬁgured as part of the password complexity rules. The new attributes,

conﬁgured from the System Management Console, are

•

Maxint is deﬁned as 2 147 483 647.

When authentication fails, the potential attacker receives an invalid login

attempt message. This message is generated when the authentication

fails due to an invalid user name, invalid password or during the lockout

condition. A log is also generated.

94).

Maximum Number of Failed Authentication Attempts

— range: 1 to maxint

— default: 3

Lockout Duration Seconds

— range: 1 to maxint

— default: 60 seconds

Nortel Multimedia Communication Server 5100

New in this Release

NN42020-404 03.08 Standard

Release 4.0 11 September 2007

SSL for Web and SOAP interface 71

"SIP Denial of Service

Table of Contents

Personal Agent And Provisioning Client - Nortel 5100 Release Note

Personal Agent and Provisioning Client

Related Manuals for Nortel 5100

Related Content for Nortel 5100

Table of Contents