From Juniper Router NDM Security Technical Implementation Guide
Part of SRG-APP-000295-NDM-000279
Associated with: CCI-002361
Automatic session termination addresses the termination of administrator-initiated logical sessions in contrast to the termination of network connections that are associated with communications sessions (i.e., network disconnect). A logical session (for local, network, and remote access) is initiated whenever an administrator (or process acting on behalf of a user) accesses a network device. Such administrator sessions can be terminated (and thus terminate network administrator access) without terminating network sessions.
Review the router configuration to verify that it is compliant with this requirement. As shown in the example below, a condition or event could be a period of inactivity such as 5 minutes for a specific user class. system { … … … } login { class ADMIN { idle-timeout 5; permissions admin-control; } } If the router is not configured to automatically terminate a network administrator session after organization-defined conditions or trigger events requiring session disconnect, this is a finding.
Set the idle timeout value for specific login classes to a value less than 10 minutes as shown in the example below. [edit system login] set class ADMIN idle-timeout 5
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer