Configure Panorama Password Profiles and Complexity
To secure the local administrator account, you can define password complexity requirements that are enforced when administrators change or create new passwords. Unlike password profiles, which can be applied to individual accounts, the password complexity rules are firewall-wide and apply to all passwords.
To enforce periodic password updates, create a password profile that defines a validity period for passwords.
- Configure minimum password complexity settings.
- Select PanoramaSetupManagement and edit the Minimum Password Complexity section.
- Select Enabled.
- Define the Password Format Requirements. You can enforce the requirements for uppercase, lowercase, numeric, and special characters that a password must contain.
- To prevent the account username (or reversed version of the name) from being used in the password, select Block Username Inclusion (including reversed).
- Define the password Functionality Requirements.If you have configured a password profile for an administrator, the values defined in the password profile will override the values that you have defined in this section.
- Create password profiles.You can create multiple password profiles and apply them to administrator accounts as required to enforce security.
- Select PanoramaPassword Profiles and click Add.
- Enter a Name for the password
profile and define the following:
- Required Password Change Period—Frequency, in days, at which the passwords must be changed.
- Expiration Warning Period—Number of days before expiration that the administrator will receive a password reminder.
- Post Expiration Grace Period—Number of days that the administrator can still log in to the system after the password expires.
- Post Expiration Admin Login Count—Number of times that the administrator can log in to the system after the password has expired.
Device > Password Profiles
Device > Password Profiles Device > Password Profiles Panorama > Password Profiles Select Device Password Profiles or Panorama Password Profiles to set basic password requirements ...
Configure Local or External Authentication for Panorama Administrators
Configure Local or External Authentication for Panorama Administrators You can use an external authentication service or the service that is local to Panorama to authenticate ...
Configure Local or External Authentication for Firewall Adm...
Configure Local or External Authentication for Firewall Administrators You can use Local Authentication and External Authentication Services to authenticate administrators who access the firewall. These ...
Local Authentication Although the firewall and Panorama provide local authentication for administrators and end users, External Authentication Services are preferable in most cases because they ...
Device > Setup > Management
Device > Setup > Management Device > Setup > Management Panorama > Setup > Management On a firewall, select Device Setup Management to configure management ...
Device > Administrators
Device > Administrators Administrator accounts control access to firewalls and Panorama. A firewall administrator can have full or read-only access to a single firewall or ...
Administer Panorama This section describes how to administer and maintain the Panorama™ management server. It includes the following topics: Preview, Validate, or Commit Configuration Changes ...
Panorama > Administrators
Panorama > Administrators Select Panorama Administrators to create and manage accounts for Panorama administrators. If you log in to Panorama as an administrator with a ...
Administrative Authentication You can configure the following types of authentication and authorization ( Administrative Roles and Access Domains ) for Panorama administrators: Authentication Method Authorization ...