Details

RADIUS or TACACS+ password management should be leveraged to ensure that a rogue node does not attempt a brute force logon attempt. This is a situation where a large number of logon attempts are made to a known user account.

Solution

Run the following command on the device to configure a remote RADIUS server: configure system security server address secret

Supportive Information

The following resource is also helpful.

• https://infoproducts.alcatel-lucent.com/aces/cgi-bin/dbaccessfilename.cgi/9305050101_V1_SR-OS Security Best Practices v2.0.pdf

This security hardening control applies to the following category of controls within NIST 800-53: Identification and Authentication.This control applies to the following type of system Alcatel.

References

• 800-53|IA-2

Source

• Tenable.com/audits