Enable Enhanced Secure Mode

About this task

Use the following procedure to enable enhanced secure mode in either the JITC or non-JITC sub-modes.

The enhanced secure mode is disabled by default.

After you enable enhanced secure mode, the system can provide role-based access levels, stronger password requirements, and stronger rules on password length, password complexity, password change intervals, password reuse, and password maximum age use.

After you disable enhanced secure mode, the authentication, access-level, and password requirements work similarly to any of the existing commercial releases.

Note

Note

You can use EDM to enable or disable enhanced secure mode. To configure the security enhancements this feature provides, you must use CLI.

Procedure

  1. In the navigation pane, expand Configuration > Edit.
  2. Select Chassis.
  3. Select the Boot Config tab.
  4. In EnableEnhancedsecureMode, select either jitc or non-jitc to enable the enhanced secure mode in one of these sub-modes. Select disable to disable the enhanced secure mode.
    Note

    Note

    As a best practice, enable the non-JITC sub-mode. The JITC sub-mode is more restrictive and prevents the use of some troubleshooting utilities.

  5. Select Apply.
  6. Save the configuration, and restart the switch.