Upon successful login, the network device must notify the administrator of the number of unsuccessful login attempts since the last successful login.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-55063	SRG-APP-000076-NDM-000218	SV-69309r1_rule		Medium

Description
Administrators need to be aware of activity that occurs regarding their network device management account. Providing administrators with information regarding the number of unsuccessful attempts made to login to their account allows them to determine if any unauthorized activity has occurred. Without this information, the administrator may not be aware that unauthorized activity has occurred. This incorporates all methods of login, including, but not limited to, SSH, HTTP, HTTPS, and physical connectivity.

Description

Administrators need to be aware of activity that occurs regarding their network device management account. Providing administrators with information regarding the number of unsuccessful attempts made to login to their account allows them to determine if any unauthorized activity has occurred. Without this information, the administrator may not be aware that unauthorized activity has occurred. This incorporates all methods of login, including, but not limited to, SSH, HTTP, HTTPS, and physical connectivity.

STIG	Date
Network Device Management Security Requirements Guide	2017-07-07

Details

Check Text ( C-55685r1_chk )
Determine if the network device is either configured to notify the administrator of the number of unsuccessful login attempts since the last successful login or configured to use an authentication server which would perform this function. If the administrator is not notified of the number of unsuccessful login attempts since the last successful login, this is a finding.

Fix Text (F-59929r1_fix)
Configure the network device to notify the administrator of the number of unsuccessful login attempts since the last successful login, upon successful login.