Quarantine User Accounts
You can turn on the quarantine feature as a preventative measure when suspicious activity is detected. When quarantine is turned on, the user account can no longer log in to the console or API, and any active sessions are terminated immediately.
The difference between account lockout and account quarantine is that account lockout cannot terminate sessions.
The setting is turned on at the user account level as follows:
- From the left navigation pane in the console, select Configuration.
- Under Role Based Access, select User Management.
- Under Users, select the user account.
- Click the More Options button, and then select Edit User Details.
- Enable the Account Quarantined option.
- Click Update User.
Set the Refresh Interval on the Quarantine Cache
You can set the length of time that passes before the cache is updated with the user accounts from the database. The quarantine is only applied to the user account after the cache is updated.
The user can remain logged in and sessions remain active up until the refresh interval time passes (and the cache is updated with the quarantine status).
- From the left navigation in the console, select Configuration.
- Under System, click Site Options.
- Under Session, enter the number of seconds that pass before the cache is updated with the most recently discovered quarantined user accounts.
The default value is 600 seconds (10 minutes). The maximum value is 1200 seconds (20 minutes).
- Click Update Session Options.