IBM Proventia Network Enterprise Scanner User Manual page 108


Chapter 7: Configuring Discovery and Assessment Policies
Setting: Account Verification

Description:
This setting applies only if an Assessment Credentials policy is available for the group being scanned.

Verify account access level before using
    If disabled, Enterprise Scanner assumes that whatever is specified in the Assessment Credentials policy is accurate.
    If enabled, Enterprise Scanner tries to confirm that the access level specified in the Assessment Credentials policy is correct.
    Important: You should enable the Check local group membership to verify access level option if you enable account verification.

Access domain controller to verify access level
    If disabled, Enterprise Scanner does not communicate with a Domain Controller in the process of verifying access levels.
    If enabled, Enterprise Scanner tries to communicate with a Domain Controller in the process of verifying access levels.

Check local group membership to verify access level
    If disabled, Enterprise Scanner does not try to confirm the account's access level during assessment by checking which local groups the asset belongs to.
    If enabled, Enterprise Scanner tries to confirm the account's access level during assessment by checking which local groups the asset belongs to.

Setting: Account Lockout Control

Description:
Allowed account lockout
    This setting controls how Enterprise Scanner handles accounts that have account lockout protection enabled.
    The account lockout options are as follows:
    No lockout allowed: Enterprise Scanner avoids running password guessing checks if account lockout is enabled on the target host, or if its status could not be determined.
    Temporary lockout allowed: Enterprise Scanner runs password guessing checks only if the account lockout duration is less than or equal to the value specified in the Longest allowed temporary lockout option below.
    Permanent lockout allowed: Enterprise Scanner runs password guessing checks even if the account lockout duration is set to run infinitely.

Longest allowed temporary lockout x (minutes)
    Specifies the maximum time (in minutes) that accounts are allowed to be locked out by password guessing checks. This value applies only if Temporary Lockout Allowed is enabled. When temporary lockout is allowed, password guessing checks are run only against assets whose lockout policy disables locked out accounts for no more than the maximum allowed lockout time.
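
The lockout rules above, applied to one target's lockout policy so an operator can see before a scan which assets the chosen option would include. This is an added example, not Enterprise Scanner's own code: the function names, the `net accounts`-style sample text, the reading of "Never" as a non-expiring duration, and the handling of hosts with no lockout or an undetermined status under the Temporary option are assumptions.

```python
import math
import re
from enum import Enum

class Allowed(Enum):
    NO_LOCKOUT = "No lockout allowed"
    TEMPORARY = "Temporary lockout allowed"
    PERMANENT = "Permanent lockout allowed"

# Constructed sample, laid out like Windows `net accounts` output.
SAMPLE = (
    "Lockout threshold:                       5\n"
    "Lockout duration (minutes):              30\n"
    "Lockout observation window (minutes):    30\n"
)

def parse_lockout(text):
    """Return (enabled, minutes). enabled is None when the status cannot be
    determined; minutes is math.inf when the lockout never expires or the
    duration is unreadable (conservative assumption)."""
    fields = dict(re.findall(r"^(Lockout [^:\n]+):[ \t]*(\S+)[ \t]*$", text, re.M))
    threshold = fields.get("Lockout threshold", "")
    if threshold.lower() in ("never", "0"):
        return False, 0.0
    if not threshold.isdigit():
        return None, math.inf
    duration = fields.get("Lockout duration (minutes)", "")
    return True, float(duration) if duration.isdigit() else math.inf

def should_run_guessing(setting, text, longest_allowed=0):
    """Apply the three 'Allowed account lockout' options to one target."""
    enabled, minutes = parse_lockout(text)
    if enabled is False:
        return True   # assumption: no lockout on the target, nothing to lock
    if setting is Allowed.NO_LOCKOUT:
        return False  # lockout enabled, or status could not be determined
    if setting is Allowed.PERMANENT:
        return True   # runs even when the lockout never expires
    # TEMPORARY: run only if duration <= Longest allowed temporary lockout.
    # Assumption: an undetermined status is skipped here as well.
    return enabled is True and minutes <= longest_allowed

if __name__ == "__main__":
    for setting in Allowed:
        print(setting.value, "->", should_run_guessing(setting, SAMPLE, 30))
```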
IBM Internet Security Systems
