Help Central | G5 Cyber Security
Security Hardening
TNS Fortigate FortiOS Best Practices v2.0.0

Fortigate - Admin password lockout >= 300 seconds

Gavin M. Dennis

22 April 2022 02:49

Details

Admin password lockout >= 300 seconds. Enforcing a longer wait time for subsequent login attempts will provide for a less desirable target for attackers.

Solution

Issue the following command to configure the admin-lockout-duration.

config system global
set admin-lockout-duration
end

Supportive Information

The following resource is also helpful.

https://docs.fortinet.com/document/fortigate/6.4.0/hardening-your-fortigate/612504/hardening-your-fortigate

This security hardening control applies to the following category of controls within NIST 800-53: Access Control.This control applies to the following type of system FortiGate.

References

800-53|AC-7a.
CSCv6|16.7

Source

Tenable.com/audits

PS. Before you go.

Request a quote to protect your organisation from cyber attacks and breaches.

Was this article helpful?

0 out of 0 found this helpful

Comments

0 comments

Please sign in to leave a comment.

Articles in this section

Fortigate - AAA - LDAP server is trusted
Fortigate - AAA - RADIUS server is trusted
Fortigate - AAA - TACACS+ server is trusted
Fortigate - Admin access - trusted hosts
Fortigate - Admin password lockout >= 300 seconds
Fortigate - Admin password lockout threshold - '1-3'
Fortigate - Admin SCP - 'disabled'
Fortigate - Alert Emails - 'admin address'
Fortigate - Antispam License - Not Expired
Fortigate - Auto backup is configured - 'FortiManager'