Configuring the security settings of Kaspersky MLAD
Kaspersky MLAD lets you specify the conditions for temporarily blocking user accounts, the user inactivity period in accordance with the enterprise security policy, and the settings for storing information security event logs in the Kaspersky MLAD database. Information security event logs are automatically written to the database. If necessary, you can specify the settings of an external system to which the information security event logs should be sent.
System administrators may be responsible for configuring the security settings of Kaspersky MLAD.
To configure the main settings of Kaspersky MLAD:
- In the lower-left corner of the window, click
.You will be taken to the administrator menu.
- Select the System parameters → Security section.
A list of options appears on the right.
- In the Authorization parameters block, do the following:
- In the Number of authentication attempts field, specify the number of unsuccessful authorization attempts. When this number is reached, Kaspersky MLAD temporarily blocks the corresponding user account.
The default value of this parameter is
3. - In the User lock duration (sec) field, specify the time period (in seconds) to block a user account after reaching the specified number of unsuccessful authorization attempts.
The default value of this parameter is
120. - In the User inactivity period (min) field, specify the permissible duration of an inactive user session (in minutes).
When the specified time period is reached, Kaspersky MLAD automatically terminates the inactive user session. The default value of this parameter is
1440. - If you need to prevent users from ignoring the password change recommendation when they connect to the application web interface for the first time, turn on the Require password change on first login toggle switch.
This switch is disabled by default.
- In the Number of authentication attempts field, specify the number of unsuccessful authorization attempts. When this number is reached, Kaspersky MLAD temporarily blocks the corresponding user account.
- In the Password policy settings block, do the following:
- In the Number of user passwords stored in history field, specify the number of most recent user passwords that are stored in the application.
You can specify a value starting with
1. The default value of this parameter is5.When the user password is changed, the new password must not match any passwords stored in Kaspersky MLAD. The application stores passwords in encrypted form.
- In the Password expiration period (days) field, specify the number of days during which the user can use their current password to connect to the application without changing it.
The default value of this parameter is
180. - In the Minimum password length field, specify the minimum number of characters for user passwords.
You can specify a value in the range of
8to128. The default value of this parameter is8. - If your security policy stipulates that user passwords must contain uppercase letters of the English alphabet, turn on the Require to use uppercase letters of the English alphabet (A-Z) toggle switch.
This switch is enabled by default.
- If your security policy stipulates that user passwords must contain lowercase letters of the English alphabet, turn on the Require to use lowercase letters of the English alphabet (a-z) toggle switch.
This switch is enabled by default.
- If your security policy stipulates that user passwords must contain numerals, turn on the Require to use numerals (0-9) toggle switch.
This switch is enabled by default.
- If your security policy stipulates that user passwords must contain special characters, turn on the Require to use special characters (_!@#$%^&*) toggle switch.
This switch is enabled by default.
- In the Number of user passwords stored in history field, specify the number of most recent user passwords that are stored in the application.
- In the Retention settings for information security event logs block, do the following:
- In the Volume of information security event logs (MB) field, specify the volume limit (in megabytes) for storing information security event logs in the database.
If the field is blank, Kaspersky MLAD stores all information security event logs for the time period specified in the Retention time for information security event logs (days) setting. This setting has no value by default.
If the specified volume of information security event logs in the database is exceeded, Kaspersky MLAD deletes the oldest entries.
- In the Retention time for information security event logs (days) field, specify the number of days to store information security event logs in the database.
The default value of this parameter is
100.
- In the Volume of information security event logs (MB) field, specify the volume limit (in megabytes) for storing information security event logs in the database.
- Click the Save button.