What is RFC 5424

Device management: restrict accounts, networks and ports, set up syslog, activate login agreement, reset administrator account

Control access to the / appliance administrative interface by setting how many failed logins are allowed. Set how long an account will be locked out after exceeding the failed login limit. Also set the number of days a password can be used before it expires and limit the reuse of previously used passwords.

You can restrict access to the management interface of your device by specifying network addresses that are allowed and not allowed and by selecting the ports through which you can access this interface.

Define in the field Accepted addresses the IP addresses or networks from which access to / appliance should always be granted. Define in the field Rejected addresses the IP addresses or networks from which access to / appliance should always be denied. Use the drop-down option Standard action to determine whether IP addresses and networks not listed in the above fields should be accepted or rejected. If there is an overlap, the more precise information applies.

For example, if you allow access for 10.10.0.0/16 but deny access for 10.10.16.0/24 and want to deny access from all other addresses, enter 10.10.0.0/16 in the field Accepted addresses Enter 10.10.16.0/24 in the field Rejected addresses one and put Standard action on decline.

 

The Secure Remote Access Appliance can be configured to run a STUN service on UDP port 3478 to simplify peer-to-peer connections between BeyondTrust clients. Activate the option Activate the local STUN serviceto use this feature.

 

You can configure your device to send log messages to up to three syslog servers. Enter the host name or IP address of the syslog host server that will receive system messages from this device in the field Remote syslog server a. Select the message format for the event notifications. Choose from the standard specification RFC 5424, one of the outdated BSD formats or Syslog over TLS. Syslog over TLS uses TCP port 6514 by default. All other formats use UDP 514 by default. However, the default settings can be changed. Secure Remote Access Appliance logs are made using the feature local0 sent.

 

Cloud-specific settings can be found in Device Management: Define Syslog via TLS.

When changing or adding a syslog server, a warning is sent to the administrator's email address. The administrator information is under Security> Email Configuration> Security :: Administrator Contact configured.

For a detailed syslog message reference, see the Syslog Message Reference Guide in Syslog Message Reference Guide.

You can enable a login agreement that users must accept before they can access the / appliance administrative interface. The configurable agreement allows you to specify restrictions and internal policies before users are allowed to log in.

 

You can Reset admin account choose; this will reset a site's administrative username and password to the default in case you forget or need to replace your login information.