It is important that administrative access (SSH, web) to an appliance using the account of last resort be able to be restricted to only the appropriate networks/subnets in order to reduce the likelihood of unauthorized access.
Configure console access using the account of last resort to specific networks/subnets.
1. Log on to the Web Management Console.
2. Click Configuration >> Authentication >> Console Access.
3. Click 'New'.
4. Enter the IP address and subnet mask for the desired network and click 'OK'.
5. Repeat step 4 until all desired networks have been added.
6. Click 'Apply'.
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: Access Control.This control applies to the following type of system BlueCoat.