Ensure 'HTTP session timeout' is less than or equal to '5' minutes

Information

Sets the timeout for an HTTP session before the security appliance terminates it.

Rationale:

Limiting session timeout prevents unauthorized users from using abandoned sessions to perform malicious activities.

Solution

From the Firepower Management Center:
Step 1. Navigate to Devices > Platform Settings

Step 2. Either edit the platform settings policy which exists as you click the pencil icon beside the policy or create a new FTD policy as you click New Policy. Select the type as Firepower Threat Defense.

Step 3. As you navigate to the HTTP section, a page appears as shown in the image.

Enable HTTP server: Enable this option to make to enable HTTP server on the FTD.

See Also

https://www.cisco.com/c/en/us/td/docs/security/firepower/623/configuration/guide/fpmc-config-guide-v623.html

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6

Plugin: Cisco

Control ID: 6af78df92f2e26bf1629e31e9b4af6bb9e5467968b46d4b9abe8756c4e42f87d