Quarantine users with multiple failed logins
12.1 and later
In the multiple failed login quarantine method, users are allowed five failed login attempts before they are locked out of the system and quarantined for 30 minutes. Use the Multiple Failed Login Quarantine template to create this policy.
The Multiple Failed Login Quarantine template contains the following rules:
- Identify Multiple Failed Login
  - This rule identifies the users to quarantine due to multiple login failures.
- Quarantine previously failed login connections
  - This rule uses the S-GATE SESSION TERMINATE action to enforce the quarantine policy and end the login session. Multiple failed logins are in violation of the Payment Card Industry (PCI) Data Security Standard.
Tip: Populate the production server group with members so that this policy works as expected.
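
The following is an added example, not the template's rule definitions or the product's own code: a small Python model of how the two rules interact, replayed over constructed login events, including what happens when the production server group is empty. Assumptions, none of which are stated on this page: the event tuple format, the names `db-prod-1` and `appuser`, that the fifth failure triggers the quarantine, that failures are counted without a time window and reset on a successful login, and that only servers in the production group are in scope.

```python
from datetime import datetime, timedelta

MAX_FAILED = 5                       # from the page: five failed attempts
QUARANTINE = timedelta(minutes=30)   # from the page: 30-minute quarantine

def apply_policy(events, production_servers):
    """Replay (time, server, user, outcome) login events through both rules.

    Returns one (time, user, action) tuple per in-scope event.
    Assumptions (not from the page): no counting window, a successful
    login resets the count, and only production-group servers are in scope.
    """
    failures = {}      # user -> failed logins counted so far
    quarantined = {}   # user -> time at which the quarantine ends
    actions = []
    for when, server, user, outcome in events:
        if server not in production_servers:
            continue   # out of scope: with an empty group nothing ever matches
        # Rule 2: end sessions from users who are still quarantined.
        if user in quarantined and when < quarantined[user]:
            actions.append((when, user, "TERMINATE"))
            continue
        quarantined.pop(user, None)   # quarantine expired, or never set
        # Rule 1: identify users with multiple failed logins.
        if outcome == "FAIL":
            failures[user] = failures.get(user, 0) + 1
            if failures[user] >= MAX_FAILED:
                quarantined[user] = when + QUARANTINE
                failures[user] = 0
                actions.append((when, user, "QUARANTINE"))
                continue
        else:
            failures[user] = 0
        actions.append((when, user, "NO_ACTION"))
    return actions

def sample_events():
    """Constructed data: five failures, then logins at +10 and +40 minutes."""
    t0 = datetime(2024, 1, 1, 9, 0)
    ev = [(t0 + timedelta(seconds=i), "db-prod-1", "appuser", "FAIL")
          for i in range(5)]
    ev.append((t0 + timedelta(minutes=10), "db-prod-1", "appuser", "OK"))
    ev.append((t0 + timedelta(minutes=40), "db-prod-1", "appuser", "OK"))
    return ev

if __name__ == "__main__":
    for group in ({"db-prod-1"}, set()):
        print(sorted(group), [a for _, _, a in apply_policy(sample_events(), group)])
```

In this model the login at +10 minutes is terminated even though the credentials are valid, the login at +40 minutes passes, and the run with an empty server group produces no actions at all.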