Admin Security
The Admin Security entitlement works to increase the security of the Oracle Communications Session Border Controller. Certain ACLI aspects, such as login and password change prompts, change immediately after enabling Admin Security.
Note:
Once the Admin Security entitlement is provisioned, it can not be removed from the system in the field; your chassis must be returned to Oracle for replacement.See the Admin Security Guide for more information.
Password Policy
The Admin Security feature set supports the creation of password policies that enhance the authentication process by imposing requirements for:
- password length
- password strength
- password history and re-use
- password expiration and grace period
The Admin Security feature set mandates the following password length/strength requirements.
- user class passwords must contain at least 9 characters (Admin Security only)
- admin class passwords must contain at least 15 characters
- passwords must contain at least 2 lower case alphabetic characters
- passwords must contain at least 2 upper case alphabetic characters
- passwords must contain at least 2 numeric characters
- passwords must contain at least 2 special characters (such as !, ", #, $, %, &, ' , (, ), *, +, , , -, ., /, :, ;, <, =, >, ?, @, [, \, ], ^, _, `, {, |, }, ~)
- passwords must differ from the prior password by at least 4 characters
- characters in password must differ from the prior password in at least 8 positions
- passwords cannot contain, repeat, or reverse the entire username
- passwords cannot contain three consecutive identical characters
Some specific password policy properties, specifically those regarding password lifetime and expiration procedures, are also applicable to SSH public keys used to authenticate clients.