2.1.2 Ensure 'Post-Login-Banner' is set - warning message


Sets the banner after users successfully log in. This is equivalent to Message of the Day (MOTD) in some other systems.


Network banners are electronic messages that provide notice of legal rights to users of computer networks. From a legal standpoint, banners have four primary functions:

First, banners may be used to generate consent to real-time monitoring under Title III. Second, banners may be used to generate consent to the retrieval of stored files and records pursuant to ECPA. Third, in the case of government networks, banners may eliminate any Fourth Amendment 'reasonable expectation of privacy' that government employees or other users might otherwise retain in their use of the government's network under O'Connor v.


When post-login banner is enabled, some automated-script might be affected because both CLI and GUI need an acceptance action (press 'A' or 'Accept') to continue.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.


Run the following command in the CLI to enable the post-login-banner:

FG1 # config system global
FG1 (global) # set post-login-banner enable
FG1 (global) # end
FG1 #

In the GUI, to edit the content of the post-login disclaimer message, go to

System -> Replace Messages -> Extended View -> 'Post-login Disclaimer Message'. The edit screen is on the bottom right corner of the page. Click on 'Save' after the editing is done.

Default Value:

POST WARNING: This is a private computer system. Unauthorized access or use is prohibited and subject to prosecution and/or disciplinary action. All use of this system constitutes consent to monitoring at all times and users are not entitled to any expectation of privacy. If monitoring reveals possible evidence of violation of criminal statutes, this evidence and any other related information, including identification information about the user, may be provided to law enforcement officials. If monitoring reveals violations of security regulations or unauthorized use, employees who violate security regulations or make unauthorized use of this system are subject to appropriate disciplinary action.


See Also