A network security team had this concern:
How do we limit the number of times a partner can attempt to log in? They were concerned about users connecting to the dashboard, File Gateway, myFilegateway, and their company's SFTP Server Adapter.
The answer was interesting, because several different procedures were needed to set these values.
I. For the dashboard, the parameter is found in the ui.properties file. It's called ConsecFailed, and it is used as follows:
locks the user account after 5 consecutive failed attempts.
Note that this parameter must be set in ui.properties. It cannot be set in customer_overrides.properties.
II. For Filegateway and myFilegateway users, you can put these parameters in the customer_overrides.properties file:
This will lock the account for 30 minutes if there have been 5 consecutive unsuccessful attempts to log in.
III. For FTP and SFTP the parameter is found in the user interface:
Deployment > Adapter Utilities > Policy Configuration.
Select "Lockout Policy"
then fill out the screen with the parameters you need.
Though the configurations are done in different ways, the lockout procedure is the same for all of them. If the unsuccessful lockout period has been reached, IBM Sterling Integrator creates a lock which can be seen in the dashboard using Operations > Lock Manager. An authorized user can release any of these locks.
Have any questions? Know any other lockout procedures that should be added here? Please add a comment!