Device Configuration : System : Administration : Admin Settings
Admin Settings
Device Configuration > System > Administration > Settings
Use Settings page to make modifications in the general port settings and Web Admin Login parameters. Make changes to the login parameters for restricting the local and remote users based on the time.
Admin Port Settings
Web Admin HTTP Port
Provide the port number to configure HTTP Port for Admin Console access.
Default - 80
Web Admin HTTPS Port
Provide the port number to configure HTTPS Port for secured Admin Console access.
Default - 4444
User Portal HTTPS Port
Provide the port number to configure HTTPS Port for Secured User Portal access..
Default - 443
Certificate
Certificate to be used by User Portal and Captive Portal.
Login Security (Remote Admins)
To prevent the unauthorized access to the Admin Console and CLI, configure Admin Session Lock, Admin Session Logout time and Block Admin Login to block the access after number of failed login attempts.
Lock Admin Session After
Configure inactivity time (in minutes) for the administrative session after which the device will be locked automatically. This configuration will be applicable to following components:
Admin Console
Telnet Console
IPSec Connection Wizard
Network Wizard
Group Import Wizard
Default - 3 Minutes
Logout Admin Session After
Configure time of admin inactivity in minutes after which the administrator will be logged out automatically.
Default - 10 Minutes
* Admin Session Logout time value must be greater than Lock Admin Session time.
Block Admin Login
Enable to block login to the Admin Console and CLI after configured number of failed attempts within configured time span.
Configure number of allowed failed login attempts from the same IP Address within the time limit.
Specify number of minutes for which the administrator will not be allowed to login. The administrator account will locked for the configured minutes if allowed failed login attempts exceeds.
Administrator Password Complexity Settings
Password Complexity can be configured to ensure that administrators are using secure passwords.
Enable Password Complexity Settings to enforce following constraints:
Minimum Password length. Configure minimum characters required in the password.
Default - 8 Characters
Require minimum one upper and lower case alphabet
Require minimum one number (0 - 9)
Require at least one special character e.g. @, $, %
Password cannot be same as username.
* All the enabled constraints are applied to password of administrator user only.
Login Disclaimer Settings
The Login Disclaimer allows setting a written message that administrators must read and agree prior to logging on to the Admin Console and CLI for device administration. If a disclaimer is set, it must be accepted before administrator can login.
Default disclaimer can be customized as per the requirement from the Messages page System > Administration > Messages . One can also review the customized message before setting.
Sophos Adaptive Learning
The product sends information periodically to Sophos which is used for the purpose of improving stability, prioritizing feature refinements, and protection effectiveness. It includes configuration and usage information, and Application usage and threat data.
Configuration and usage data such as Device information (hardware version, vendor), Firmware version and license information (not the owner), Features in use (status, on / off, count, HA status, Central Management status), amount of configured objects (count of hosts, policies), Product errors, CPU, memory and disk usage (in percentage), is collected by default.
No user-specific information or personalized information is collected. The information is transmitted to Sophos over HTTPS.
Send App & Threat data
Following Application usage and Threat data is gathered:
Unclassified applications to improve and enlarge the network visibility and application control library.
Data for IPS alerts, virus detected (also URL for which virus found), spam, ATP threats such as threat name, threat URL/IP, source IP, and applications used.
Default - Enable
SFOS Hot-fix
Allow auto-install of important Hot-fixes Hot-fixes are applied automatically if available. Disable if you do not want to apply hot-fix. Default - Enable