Upload
vivian-holmes
View
233
Download
0
Embed Size (px)
Citation preview
V 0.1 Slide 1Slide 1Security – System Configuration
How to configure WebSAMS?
Access Control
Other Information
Configuration system customization
system configuration
Customization
ip configuration
Authorizeduser
V 0.1 Slide 2Slide 2Security – System Configuration
System Configuration :
Allow user to maintain the following settings:
General Settings
System Accessibility Settings
Email settings
File size control of system log & audit trail
All the system configuration will take effect only after the user
re-logins the system
V 0.1 Slide 3Slide 3Security – System Configuration
V 0.1 Slide 4Slide 4Security – System Configuration
Maximum number of fault login attempts allowed /
Auto-unlock period of locked accounts :
The number of times that a user can try to login with a wrong
password before the account is locked
Locked account will be unlocked after the elapse of the auto-
unlock period, counting from the time the account is locked.
For no auto-unlock, the locked account can only be unlocked
manually in the “Unlock Account” function.
V 0.1 Slide 5Slide 5Security – System Configuration
V 0.1 Slide 6Slide 6Security – System Configuration
Automatic logout period (inside / outside SAMS LAN
segment) :
The system will automatically logout an account after it is left
idle for a period longer than the automatic logout period defined.
Automatic logout period inside and outside the SAMS LAN
segment can be defined separately.
V 0.1 Slide 7Slide 7Security – System Configuration
V 0.1 Slide 8Slide 8Security – System Configuration
Password expiry period:
For security reason, users should modify their passwords
periodically.
User will be reminded to change his/her account password if it
is due to be expired within 14 days. The remaining number of
days before password expiry will be displayed to the user after
each successful login. When the user changes the password, the new password
expiry date will be the system date plus the password expiry
period.
V 0.1 Slide 9Slide 9Security – System Configuration
Password expiry period (cont’d):
If the user does not change the password and the password
expires, the user will not be able to login the system again.
The password expiry period also affects the password expiry
date when a new user account is created.
For the 2 built-in accounts, ‘sysadmin’ and ‘asysadmin’, the
password is set to ‘Never Expire’.
V 0.1 Slide 10Slide 10Security – System Configuration
V 0.1 Slide 11Slide 11Security – System Configuration
Number of passwords stored in password History:
The system will store a certain number of previously used
passwords. The number of passwords stored is defined here,
from 1 to 5.
When changing new password, the system will ensure that the
new password entered does not duplicate with the stored
passwords.
V 0.1 Slide 12Slide 12Security – System Configuration
V 0.1 Slide 13Slide 13Security – System Configuration
Enable Multiple Login:
A user can login the system in several browsers from the
same/different workstations at the same time if the box is
checked. It is recommended to disable Multiple Login for security
reason.
User can login the system from internet if the box is checked.
Enable Internet Access:
Enable ITED Access: User can login the system from school ITED LAN Segment if the
box is checked.
V 0.1 Slide 14Slide 14Security – System Configuration
V 0.1 Slide 15Slide 15Security – System Configuration
Data Backup log file path:
The server directory where the database backup log files will be
stored. The administrator has to set this value before he/she can
view the database backup log files with the ‘View Backup Log’
function.
The server directory where the backup tool stores the file
server backup log files. It is used by the ‘View Backup Log’
function
Server Backup log file path:
Archive file path:
The server directory where the audit trail archive files will be
stored.
V 0.1 Slide 16Slide 16Security – System Configuration
V 0.1 Slide 17Slide 17Security – System Configuration
System access time inside/outside SAMS LAN
Segment User can login the system in the period defined here.
Access time in Monday-Saturday and Sunday can be set
separately. Access period of 24 hours a day can be set by selecting the “24
Hours” option.
The access time inside or outside SAMS LAN Segment can be
set separately
Note 1: The access time setting is not applicable to the ‘sysadmin’
account Note 2: Take note of any conflict with the system batch jobs such as
database/server backup when granting access period of 24 hours a
day
V 0.1 Slide 18Slide 18Security – System Configuration
V 0.1 Slide 19Slide 19Security – System Configuration
Release of Access Time Control to 24 hours
Account of staff/student/parent user type can be selected to
enjoy access time of 24 hours a day within a particular period of
time for operational purpose.
Within the period defined, the selected users can access the
system at any time.
V 0.1 Slide 20Slide 20Security – System Configuration
V 0.1 Slide 21Slide 21Security – System Configuration
Enable E-Mail Function:
The option has to be enabled before emails can be sent out
from WebSAMS.
V 0.1 Slide 22Slide 22Security – System Configuration
V 0.1 Slide 23Slide 23Security – System Configuration
School's E-Mail Address for Return of E-Mail by
Recipients:
If E-Cert for digital signature is not used, this email address will
be displayed as the sender’s email address for all mails sent out
from WebSAMS.
If E-Cert is used for digital signature, the email address in the
E-Cert will be used instead.
V 0.1 Slide 24Slide 24Security – System Configuration
V 0.1 Slide 25Slide 25Security – System Configuration
SMTP Server of ISP subscribed by School:
The SMTP server of the ISP is used to send outgoing emails via
internet.
E-Mail Account provided by ISP subscribed:
This is the E-Mail account provided to the school by the ISP for
using its SMTP server.
Password of the E-Mail Account provided by ISP:
The password of the E-Mail account should be entered
correctly.
V 0.1 Slide 26Slide 26Security – System Configuration
V 0.1 Slide 27Slide 27Security – System Configuration
E-Mail Recipient Limit for each mail:
If the number of recipients of an email is larger than this limit,
the email will be sent out by batch. The number of recipients in
each batch will be less than or equal to this limit.
Size Limit for each E-Mail (MB):
The maximum size of each outgoing email in megabytes.
V 0.1 Slide 28Slide 28Security – System Configuration
V 0.1 Slide 29Slide 29Security – System Configuration
Size Limit for Storing Each User's Sent Mails (MB) :
The size limit of each user’s mail history in megabytes.
Maximum number of Retry for Sending Mail:
The maximum number of attempts for sending each email.
If mail sending is still not successful after this number of
attempts, mail sending will be aborted and the mail will be
marked as ‘Sending Failed’.
V 0.1 Slide 30Slide 30Security – System Configuration
V 0.1 Slide 31Slide 31Security – System Configuration
Location Path and Password of (Organizational) e-
Cert for Digital Signature:
The school may use e-Cert to digitally sign all outgoing emails
for authentication purpose. Then the two settings of location
path and password of the e-Cert information should be entered.
If the school does not use e-Cert for signing emails, two fields
can be left blank.
V 0.1 Slide 32Slide 32Security – System Configuration
V 0.1 Slide 33Slide 33Security – System Configuration
Size Limit of Audit Trail storing in DB(MB):
The maximum database space used for storing Audit Trail in
Megabytes.
Zero for no limit.
When the assigned database space is full, user may archive the
audit trail records as Archived Audit Trail. After the archive, the
audit trail records which have been archived will be deleted from
the database.
V 0.1 Slide 34Slide 34Security – System Configuration
V 0.1 Slide 35Slide 35Security – System Configuration
Size Limit of Archived Audit Trail storing in server
(MB): The maximum hard disk space used for storing Archived Audit
Trail files in Megabytes.
Zero for no limit.
When the assigned hard disk space has been reached, user
may delete the files or move the files to other folders manually.
V 0.1 Slide 36Slide 36Security – System Configuration
V 0.1 Slide 37Slide 37Security – System Configuration
Size Limit of DB backup /recovery log storing in
server (MB):
The maximum hard disk space used for database
backup/recovery log files in Megabytes.
Zero for no limit.
V 0.1 Slide 38Slide 38Security – System Configuration
Click
ESC
To Return
Size Limit for Server backup/ recovery log storing in
server (MB):
The maximum hard disk space used for server backup/recovery
log files in Megabytes.
Zero for no limit.