Is there a way to manually unblock an IP after the IVE blocks it because of the Lockout Options settings?
I have a few users who have been locking themselves out recently after password changes and are calling our Help Desk for assistance. My management finds it unacceptable that we tell end users they must wait 30 minutes before attempting to log in again.
We are using LDAP into Active Directory for authentication and have our IVE Lockout Options set to:
Rate: 6 per minute
Attempts: 6
Lockout Duration: 30 minutes
This is an SA-4500 in an Active/Passive Cluster running IVE 6.3 r3.
James
Configuring Lockout options
You can configure the following Lockout options to protect the IVE and other systems from Denial of Service (DoS), Distributed Denial of Service (DDoS), and password-guessing attacks from the same IP address:
NOTE: Lockout options are not available to IVS systems. All other security options are available to IVS systems.
The IVE reacts quickly to an attack that persists, and then gradually becomes less restrictive when the attack subsides. After a lockout occurs, the IVE gradually recovers by maintaining the Rate. If the current failure rate since the last lockout exceeds the specified Rate, the IVE locks out the IP address again. If the failure rate is less than the specified Rate for the period of Attempts/Rate, the IVE returns to the initial monitoring state.
For example, if you use the following settings for the Lockout options, the IVE locks out the IP address for the time periods in the following scenario.
I read the settings verbatim and didn't realize it adapted based on the attempt count. We've adjusted our Lockout Options to take advantage of these capabilities.
James
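The lockout behaviour quoted from the documentation above can be modelled per IP address. This Python sketch is an added example, not part of the thread and not vendor code. It assumes that Attempts failures within Attempts/Rate minutes trigger the first lockout, that failures during a lockout are not counted, and that the post-lockout rate is averaged over at least one minute; the class and method names are hypothetical.

```python
from dataclasses import dataclass, field

@dataclass
class LockoutModel:
    """Simplified per-IP model of the quoted lockout behaviour (not vendor code)."""
    rate: float       # "Rate": failed sign-ins tolerated per minute
    attempts: int     # "Attempts": failures that trigger the initial lockout
    duration: float   # "Lockout Duration" in minutes
    state: str = "monitoring"
    failures: list = field(default_factory=list)
    locked_until: float = 0.0
    recover_start: float = 0.0

    @property
    def window(self):
        return self.attempts / self.rate  # the "Attempts/Rate" period, in minutes

    def status(self, t):
        """Advance the clock to minute t and return the state."""
        if self.state == "locked" and t >= self.locked_until:
            self.state, self.failures = "recovering", []
            self.recover_start = self.locked_until
        if self.state == "recovering" and t - self.recover_start >= self.window:
            self.state, self.failures = "monitoring", []  # stayed under Rate
        return self.state

    def fail(self, t):
        """Record a failed sign-in at minute t and return the resulting state."""
        if self.status(t) == "locked":
            return self.state  # assumption: failures during a lockout are not counted
        if self.state == "monitoring":
            self.failures = [f for f in self.failures if t - f < self.window] + [t]
            tripped = len(self.failures) >= self.attempts
        else:
            self.failures.append(t)
            # assumption: the rate since unlock is averaged over at least one minute
            elapsed = max(t - self.recover_start, 1.0)
            tripped = len(self.failures) / elapsed > self.rate
        if tripped:
            self.state, self.failures = "locked", []
            self.locked_until = t + self.duration
        return self.state

if __name__ == "__main__":
    # Constructed scenario: a client retrying a stale password every 5 seconds.
    ip = LockoutModel(rate=6, attempts=6, duration=30)
    for i in range(6):
        print(f"t={i / 12:5.2f} min -> {ip.fail(i / 12)}")
    print("unlocks at minute", round(ip.locked_until, 2))
```

With the settings from the first post, the sixth failure inside one minute triggers the 30-minute lockout, and a seventh failure in the first minute after unlock triggers it again.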