Table of Contents
Advertisement
Cisco Webex DX70 and DX80
Introduction
Security Audit Server PortAssignment
The audit logs are sent to a syslog server. You can define how the port number of the
external syslog server will be assigned. This setting is only relevant when Security Audit
Logging Mode is set to External or ExternalSecure. To see which port number is used you
can check the Security Audit Server Port status. Navigate to Setup > Status on the web
interface or; if on a command line interface, run the command xStatus Security Audit Server
Port.
Requires user role: AUDIT
Default value: Auto
Value space: Auto/Manual
Auto: Will use UDP port number 514 when the Security Audit Logging Mode is set to
External. Will use TCP port number 6514 when the Security Audit Logging Mode is set to
ExternalSecure.
Manual: Will use the port value defined in the Security Audit Server Port setting.
Security Fips Mode
If required, you can set the device in FIPS mode (Federal Information Processing Standard
(FIPS) Publication 140-3, Security Requirements for Cryptographic Modules). While in FIPS
mode the remote support user is not available, and Digest access authentication is not
supported between the device and an HTTP Proxy, because Digest access authentication
is using MD5 cryptographic hashing, which is not allowed in FIPS. This last limitation only
affects Webex registered devices, since an HTTP Proxy is used only for the Webex solution.
You should allow only HTTPS, and do not switch on Telnet, SNMP, or IEEE8021X in FIPS
mode (keep the default values).
For changes to this setting to take full effect, you must restart the device.
Requires user role: ADMIN
Default value: Off
Value space: Off/On
Off: The device is not in FIPS mode.
On: The device is in FIPS mode.
D15362.17 DX70 and DX80 Administrator Guide CE9.14, OCTOBER 2020.
Configuration
Peripherals
Maintenance
Security Session FailedLoginsLockoutTime
Define how long the device will lock out a user after failed login to a web or SSH session.
Restart the device for any change to this setting to take effect.
Requires user role: ADMIN
Default value: 60
Value space: Integer (0..10000)
Set the lockout time (minutes).
Security Session InactivityTimeout
Define how long the device will accept inactivity from the user before he is automatically
logged out from a web, Telnet, or SSH session.
Restart the device for any change to this setting to take effect.
Requires user role: ADMIN
Default value: 0
Value space: Integer (0..10000)
Set the inactivity timeout (minutes); or select 0 when inactivity should not enforce
automatic logout.
Security Session MaxFailedLogins
Define the maximum number of failed login attempts per user for a web or SSH session. If
the user exceeded the maximum number of attempts the user will be locked out. 0 means
that there is no limit for failed logins.
Restart the device for any change to this setting to take effect.
Requires user role: ADMIN
Default value: 0
Value space: Integer (0..10)
Set the maximum number of failed login attempts per user.
www.cisco.com — Copyright © 2020 Cisco Systems, Inc. All rights reserved.
132
Administrator Guide
Device settings
Device settings
Appendices
Advertisement
Chapters
Table of Contents
