JITC authorization requirements
The Joint Interoperability Test Command (JITC) conducts testing of national security systems and information technology systems hardware, software, and components. Hewlett Packard Enterprise is in compliance with JITC which provides the following.
Logs of security-related events with new login credentials separate from operator or manager credentials.
Log message when the event log wraps.
Configuration commands that allow users to set the maximum number of concurrent sessions.
Configuration commands which allow users to set the maximum number of concurrent sessions per user.
Increase the delay between failed login attempts.
NOTE: The HPE 3800 Switch and HPE 2920 Switch are currently UC APL certified. | |
Local authentication and authorization
JITC requires that access to security logs be provided through security user authentication and authorization. For more information about JITC security authentication and authorization, see the Access Security Guide for your switch.
Security user log access
Security user logs are accessible when both the
authentication and authorization are local. A default group called
the default-security-group is available
in manager mode and has the privileges to execute the commands copy
security-log
, show security-logging
,
and clear security-logging
. When a security user
is attached to the group, they will only be able to execute these
three commands. Other users will not be able to execute the commands,
no matter whether they are an operator or manager.
For more information about JITC security user log creation and access, see the Access Security Guide for your switch.
Authentication and Authorization through RADIUS
For RADIUS authentication and authorization, the security user will be able to access to security log by configuring the file located on RADIUS server. For more information about JITC authentication and authorization through RADIUS, see the Access Security Guide for your switch.
Authentication and Authorization through TACACS
For TACACS authentication and authorization, the user can access to security log by configuring the file located on TACACS server. For more information about JITC security authentication and authorization, see the Access Security Guide for your switch.