Configuring access management policies and settings on the Analyzer or Collector
By default, BMC Real End User Experience Monitoring Software Edition components have the following access-management features:
- The device authenticates and authorizes users via a local mechanism.
- Users must log on with a user name and a password. By default, there is no penalty for repeated unsuccessful logon attempts. The Security user can set up a restriction on logon attempts in the Account Policies page from the Administration tab.
- Inactive accounts remain viable by default. The Security user can modify account viability.
- Users can use the administrator-created passwords and never change them.
- Passwords can be short, simple, and, therefore, vulnerable to guessing or brute-force attacks.
- To prevent unauthorized persons from accessing the web interface of this device, a user with the Security role can enable enhanced account and password security.
The following topics describe how to configure access management policies and settings.
- Selecting an account-management model for an Analyzer or a Collector
- Configuring account access policies for a Collector
- Configuring account access policies for an Analyzer
To manage security via the configuration file, transfer an existing configuration to another instance of BMC Real End User Experience Monitoring, or restore the security configuration to the defaults, see Backing up or restoring security configuration for an Analyzer or a Collector.