Configuring the security settings of Kaspersky MLAD

Kaspersky MLAD lets you specify the conditions for blocking user accounts, the user inactivity period in accordance with the enterprise security policy, and the settings for storing information security event logs in the Kaspersky MLAD database. Information security event logs are automatically written to the database. If necessary, you can specify the settings of an external system to which the information security event logs should be sent.

System administrators may be responsible for configuring the security settings of Kaspersky MLAD.

To configure the main settings of Kaspersky MLAD:

1. In the lower-left corner of the page, click the  button.

   You will be taken to the administrator menu.

2. Select the System parameters → Security section.

   A list of options appears on the right.

3. In the Authorization parameters block, do the following:
   1. In the Number of authentication attempts field, specify the number of unsuccessful authorization attempts. When this number is reached, Kaspersky MLAD blocks the corresponding user account.
   2. In the User lock duration (sec) field, specify the time period (in seconds) to block a user account after reaching the specified number of unsuccessful authorization attempts.
   3. In the User inactivity period (min) field, specify the permissible duration of an inactive user session (in minutes).

      When the specified time period is reached, Kaspersky MLAD automatically terminates the inactive user session.

   4. If you need to prevent users from ignoring the password change recommendation when they connect to the application web interface for the first time, turn on the Require password change on first login toggle switch.
4. In the Password policy settings block, do the following:
   1. In the Number of user passwords stored in history field, specify the number of most recent user passwords that are stored in the application.

      You can specify a value starting with 1.

      When the user password is changed, the new password must not match any passwords stored in Kaspersky MLAD. The application stores passwords in encrypted form.

   2. In the Password expiration period (days) field, specify the number of days during which the user can use their current password to connect to the application without changing it.
   3. In the Minimum password length field, specify the minimum number of characters for user passwords.

      You can specify a value in the range of 8 to 128.

   4. If your security policy stipulates that user passwords must contain uppercase letters of the English alphabet, turn on the Require use of uppercase letters of the English alphabet (A-Z) toggle switch.
   5. If your security policy stipulates that user passwords must contain lowercase letters of the English alphabet, turn on the Require use of lowercase letters of the English alphabet (a-z) toggle switch.
   6. If your security policy stipulates that user passwords must contain numerals, turn on the Require use of numerals (0-9) toggle switch.
   7. If your security policy stipulates that user passwords must contain special characters, turn on the Require use of special characters (_!@#$%^&*) toggle switch.
5. In the Storage parameters for information security event logs block, do the following:
   1. In the Volume of information security event logs (MB) field, specify the volume limit (in megabytes) for storing information security event logs in the database.

      If the field is blank, Kaspersky MLAD stores all information security event logs for the time period specified in the Storage time for information security event logs (days) setting.

      If the specified volume of information security event logs in the database is exceeded, Kaspersky MLAD deletes the oldest entries.

   2. In the Storage time for information security event logs (days) field, specify the number of days to store information security event logs in the database.
6. Click the Save button.