Denylist User
Denylist users are denied from accessing the network. They are blocked for the following reasons:
-
Locked by Operator: Through user log analysis or other means, operators find that the access of some users needs to be denied. Operators can add such users to the denylist. Users added to the denylist by operators can be released only by operators manually.
-
Malicious Login Attempt: When the number of unsuccessful password attempts exceeds the limit, the system considers that an illegal user is trying to gain access to the network. The system then adds the user into the denylist and releases the user from the denylist at 00:00 the next day automatically. The maximum allowed password retries can be configured in the Max. Authentication Attempts field on the Configure System Parameters page. Before the system releases the user, the administrator can manually release the user from the denylist.
Functions
-
Add to Denylist
Operation Procedure
- Select the User tab, and then in the navigation tree select Access User > Device User > Device User.
- Select the target device users and then click Add to Denylist.
- In the confirmation dialog box that opens, click OK.
-
Release from Denylist
Operation Procedure
- Select the User tab, and then in the navigation tree select Access User > Device User > Denylist User.
- Perform one of the following ways to release the users from the denylist:
- Remove Selected Users: Select the target users. Then click Unblock and Remove Selected Users.
- Remove Queried Users: Query the target users in the Query Denylist Users area. Then click Unblock and Remove Queried Users.
Precautions
-
A user blocked by an operator cannot log into the system unless the operator releases the user from denylist.
-
A user blocked for malicious login attempts from an endpoint is denied access from that endpoint until the user is released from the denylist. Such a user can be automatically released at 00:00 the next day or manually released by the administrator.
Related Topics