Administrative Security ACP License
The Administrative Security ACP license adds more password security and opens the ACP port for remote configuration.
The Administrative Security ACP license inherits the rules of the Administrative Security license and imposes additional rules and restrictions to improve password strength. For example, the Administrative Security ACP license overrides the minimum character length rules for passwords that are defined in the Administrative Security license and enforces stronger rules. The system does not require the presence of both licenses because the Administrative Security license is not a prerequisite for the Administrative Security ACP license. Either license can stand alone. The system supports the presence of both licenses, for example, in a deployment where the Administrative Security ACP license is added to a system with an active Administrative Security license.
The following scenarios describe system behavior with and without the presence of the Administrative Security license and the Administrative Security ACP license.
- Scenario: The Administrative Security license and the Administrative Security ACP license are both deployed and you enable
password-policy-strength.
Behavior: The Administrative Security ACP license defines the password rules and opens the ACP port.
- Scenario: The Administrative Security license and the Administrative Security ACP license are both deployed and you disable
password-policy-strength.
Behavior: The Administrative Security license defines the password rules and the ACP port remains open.
- Scenario: The Administrative Security ACP license is deployed alone and you disable
password-policy-strength.
Behavior: The system enforces the underlying Admin Security license password rules, which are less strict, and keeps the ACP port open.
- Scenario: The Administrative Security license is deployed alone.
Behavior: The Administrative Security license defines the password rules and the system closes the ACP port.
- Scenario: Neither the Administrative Security license nor the Administrative Security ACP license is deployed.
Behavior: The system enforces no password rules and keeps the ACP port open.
- Minimum of 9 characters required for a user-level password
- Minimum of 15 characters required for an admin-level password
- Must contain at least 2 upper case letters
- Must contain at least 2 lower case letters
- Must contain at least 2 numerical characters
- Must contain at least 2 special characters
- May not contain, repeat, or reverse the associated user ID
- May not contain two or more characters from the user ID. For example, if the user ID is "admin" and the password is "migda", the system rejects the password because "mi" appears in both words.
- May not use the same character more than 3 times, consecutively
- May not contain a sequence of three or more characters from a previous password. For example, if the existing password is "3birds", the new password cannot include '3bi', 'bir', 'ird', and so on.
- May not contain a sequence of two or more characters more than once. For Example, w29c29 is not allowed.
- May not contain sequential numbers or characters or a repeated character or number. For example, '66666', 'aaaa', 'abcd', 'fedc', '1234', '7654'.
- Must differ by at least four characters from the previous password
- May not use NULL password
Note:
The Administrative Security ACP license does not support SSH user names and SSH passwords that are stored locally, and this license does not support RADIUS users.For more information, see "Administrative Security ACP License Configuration" and "Enable the Administrative Security ACP License."
