Configuring an automatic logout for idle sessions - Configuration utility

Information

A session lock is a temporary network device- or administrator-initiated action taken when the administrator stops work but does not log out of the network device. Rather than relying on the user to manually lock their management session prior to vacating the vicinity, network devices need to be able to identify when a management session has idled and take action to initiate the session lock. Once invoked, the session lock shall remain in place until the administrator re-authenticates. No other system activity aside from re-authentication shall unlock the management session.

Solution

To automatically log out inactive Configuration utility sessions after a specified idle time, perform the following procedure:

1. Log in to the Configuration utility.
2. Click System.
3. Click Preferences.
4. For Security Settings, enter an appropriate value for the Idle time before automatic logout setting.

See Also

https://support.f5.com/csp/article/K53108777#link_01

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-11a., CAT|II, CCI|CCI-000057, Rule-ID|SV-74523r2_rule, STIG-ID|F5BI-DM-000007, Vuln-ID|V-60093

Plugin: F5

Control ID: a2a4e6471b7f5ba90faa0fa6d0d11a0bd04303f6fd2d72cafc1dd38159571161