This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Arturxr
Explorer
‎2021-11-03 03:32 AM

Protecting the Mobile Access portal from password brute force

Is it possible to limit the number of password entry attempts on the Mobile Access portal?

For example, if a user enters an incorrect password 3 times, the user is blocked.

0 Kudos
7 Replies
G_W_Albrecht
Legend Legend
Legend
‎2021-11-03 03:55 AM

Yes, that is possible, see the Mobile Access R81 Administration Guide - it does, however, depend on the used authentication type.

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
Arturxr
Explorer
‎2021-11-03 03:57 AM
In response to G_W_Albrecht

Please tell me the number of the item, I read the admin guide and did not find it

0 Kudos
G_W_Albrecht
Legend Legend
Legend
‎2021-11-03 04:17 AM
In response to Arturxr

Starting page 170 is User Authentication in Mobile Access. Here you select which kind of authentication should be used, and further steps are depending on it.

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
Arturxr
Explorer
‎2021-11-03 05:16 AM
In response to G_W_Albrecht

We have read, in our understanding it is used for 2-fa, we cannot organize dynamicid due to lack of resources, we are interested in the issue of blocking MAB users after entering the password incorrectly more than 3 times. Is there such functionality.

0 Kudos
G_W_Albrecht
Legend Legend
Legend
‎2021-11-03 05:30 AM
In response to Arturxr

Not for Legacy Auth with User/Password.

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
Arturxr
Explorer
‎2021-11-03 05:33 AM
In response to G_W_Albrecht

it turns out that there is no such functionality?

0 Kudos
G_W_Albrecht
Legend Legend
Legend
‎2021-11-03 07:14 AM
In response to Arturxr

No - what we have is sk112454 How to configure Rate Limiting rules for DoS Mitigation (R80.20 and higher), but here we talk about more than 1000 packets per second ;- ) This can be used to prevent password brute force attacks...

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
Trending Discussions
Harmony mobile question
Upcoming Events

    Sort by:
    CheckMates Events
    Top