Ultra Secure Mode
Polycom®, Inc. 843
Temporary User Lockout
When the ULTRA_SECURE_MODE System Flag is set to YES, Temporary User Lockout is implemented
as a defense against Denial of Service Attacks or Brutal Attacks. Such attacks usually take the form of
automated rapid Login attempts with the aim of gaining access to or rendering the target system (any
network entity) unable to respond to users.
If a user tries to log in to the system and the Login is unsuccessful, the user’s next Login attempt only
receives a response from the Collaboration Server after 4 seconds.
User Lockout
User Lockout can be enabled to lock a user out of the system after three consecutive Login failures with
same User Name. The user is disabled and only the administrator can enable the user within the system.
User Lockout is enabled when the USER_LOCKOUT System Flag is set to YES.
If the user tries to login while the account is locked, the error message Account is disabled is
displayed.
User Lockout is an Audit Event.
A system reset does not reset the Login attempts counter.
The time period during which the three consecutive Login failures occur is determined by the value of the
USER_LOCKOUT_WINDOW_IN_MINUTES System Flag. A flag value of 0 means that three consecutive
Login failures in any time period will result in User Lockout. Value can be between 0 and 45000.
The duration of the Lockout of the user is determined by the value of the
USER_LOCKOUT_DURATION_IN_MINUTES System Flag. A flag value of 0 means permanent User
Lockout until the administrator re-enables the user within the system. Value can be between 0 and 480.
User Login Record
The system can display a record of the last Login of the user. It is displayed in the Main Screen of the
Collaboration Server Web Client or Collaboration Server Manager. The user Login Record display is
enabled when the LAST_LOGIN_ATTEMPTS System Flag is set to YES.
Both lists display the:
● Date and Time of the Login attempt.