Security Options
You use the security options in the Remote Access Configure Security menu in NIASCFG to set up remote access security. The options for security are explained in Table 3.
Table 3. Security Options
Restrict Ports by User |
Restricts users to access a specific port or ports. |
Restrict Service by User |
Restricts users to a specific service. |
Restrict Service by Port |
Restricts ports to a specific service. |
|
Restricts port access time by service. |
Set Global Parameters |
Sets the following global security parameters for all users: Default maximum connection time Idle time before disconnection Default dialback mode Dialback parameters, including wait time, busy retry count, and busy retry interval Dial-out restrictions |
Set User Parameters |
Customizes the following user security parameters: Users allowed to change remote client passwords Remote client password expiration Idle timeout per user or container Default maximum connection time Dialback mode options Dial-out restrictions |
Set User Remote Client Password |
Specifies a Remote Client password for a user. |
Set Remote Client Password Restrictions |
Disables a password after a number of failed logins. |
|
Enables long passwords and sets the minimum password length. |
Set Third-Party Security Parameters |
Enables/disables third-party security. |
|
Selects a third-party security product. |
|
Applies third-party security to a direct connection. |
NOTE: Set Third-Party Security Parameters is available only if at least one third-party security product is installed.
You can set the time allowed online, dialback options, and dial-out restrictions globally for all users or customize them for selected users. If you need a secure system, implement all the appropriate security features.
In addition to the features listed in Table 3, service-specific security options are provided for each service. Table 4 lists the service-specific security options.
Table 4. Service-Specific Security Options
PPP Remote Node Service |
PPPRNS security |
On |
|
NetWare password
(NWCAP) |
Yes |
|
Password Authentication
Protocol (PAP) |
No |
|
Challenge Handshake Authentication Protocol (CHAP) |
No |
NASI Connection Service |
NCS dial-in security |
On |
|
NASI security |
On |
AppleTalk Remote Access Service |
Default zone restrictions |
Access to
all zones |
|
User zone restrictions |
Access to
all zones |
|
Prompting users for password |
No |
