800-53|AC-10

Title

CONCURRENT SESSION CONTROL

Description

The information system limits the number of concurrent sessions for each [Assignment: organization-defined account and/or account type] to [Assignment: organization-defined number].

Supplemental

Organizations may define the maximum number of concurrent sessions for information system accounts globally, by account type (e.g., privileged user, non-privileged user, domain, specific application), by account, or a combination. For example, organizations may limit the number of concurrent sessions for system administrators or individuals working in particularly sensitive domains or mission-critical applications. This control addresses concurrent sessions for information system accounts and does not address concurrent sessions by single users via multiple system accounts.

Reference Item Details

Reference: NIST 800-53 - Security and Privacy Controls for Federal Information Systems and Organizations

Category: ACCESS CONTROL

Family: ACCESS CONTROL

Priority: P3

Baseline Impact: HIGH

Audit Items

View all Reference Audit Items

Name	Plugin	Audit Name
1.2.9 Set 'http Secure-server' limit	Cisco	CIS Cisco IOS XE 17.x v2.1.1 L1
1.2.10 Set 'http Secure-server' limit	Cisco	CIS Cisco IOS XE 16.x v2.1.0 L1
1.5.5 Ensure number of concurrent sessions is limited	Unix	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
3.1.11 Set maximum connection limits - MAX_CONNECTIONS	Unix	CIS IBM DB2 v10 v1.1.0 Linux OS Level 2
3.1.11 Set maximum connection limits - MAX_CONNECTIONS	Unix	CIS IBM DB2 v10 v1.1.0 Linux OS Level 1
3.1.11 Set maximum connection limits - MAX_COORDAGENTS	Unix	CIS IBM DB2 v10 v1.1.0 Linux OS Level 1
3.1.11 Set maximum connection limits - MAX_COORDAGENTS	Unix	CIS IBM DB2 v10 v1.1.0 Linux OS Level 2
3.1.11 Set maximum connection limits - MAXAPPLS	Unix	CIS IBM DB2 v10 v1.1.0 Linux OS Level 2
3.1.11 Set maximum connection limits - MAXAPPLS	Unix	CIS IBM DB2 v10 v1.1.0 Linux OS Level 1
3.1.14 Set maximum connection limits - 'max_connections <= 100'	Unix	CIS IBM DB2 OS L2 v1.2.0
3.1.14 Set maximum connection limits - 'max_coordagents <= 100'	Unix	CIS IBM DB2 OS L2 v1.2.0
3.1.14 Set maximum connection limits - 'maxappls <= 99'	Unix	CIS IBM DB2 OS L2 v1.2.0
3.1.14 Set maximum connection limits - MAX_CONNECTIONS	IBM_DB2DB	CIS IBM DB2 9 Benchmark v3.0.1 Level 2 DB
3.1.14 Set maximum connection limits - MAX_CONNECTIONS	IBM_DB2DB	CIS IBM DB2 9 Benchmark v3.0.1 Level 1 DB
3.1.14 Set maximum connection limits - MAX_COORDAGENTS	IBM_DB2DB	CIS IBM DB2 9 Benchmark v3.0.1 Level 1 DB
3.1.14 Set maximum connection limits - MAX_COORDAGENTS	IBM_DB2DB	CIS IBM DB2 9 Benchmark v3.0.1 Level 2 DB
4.1.12 Set Maximum Number of Applications (MAXAPPLS)	Unix	CIS IBM DB2 11 v1.1.0 Linux OS Level 1
4.2.12 Ensure sshd LoginGraceTime is configured	Unix	CIS Rocky Linux 8 Server L1 v2.0.0
4.2.12 Ensure sshd LoginGraceTime is configured	Unix	CIS Rocky Linux 8 Workstation L1 v2.0.0
4.2.12 Ensure sshd LoginGraceTime is configured	Unix	CIS Oracle Linux 8 Workstation L1 v3.0.0
4.2.12 Ensure sshd LoginGraceTime is configured	Unix	CIS Red Hat EL8 Server L1 v3.0.0
4.2.12 Ensure sshd LoginGraceTime is configured	Unix	CIS AlmaLinux OS 8 Workstation L1 v3.0.0
4.2.12 Ensure sshd LoginGraceTime is configured	Unix	CIS Red Hat EL8 Workstation L1 v3.0.0
4.2.12 Ensure sshd LoginGraceTime is configured	Unix	CIS Ubuntu Linux 18.04 LTS v2.2.0 L1 Workstation
4.2.12 Ensure sshd LoginGraceTime is configured	Unix	CIS Ubuntu Linux 18.04 LTS v2.2.0 L1 Server
4.2.12 Ensure sshd LoginGraceTime is configured	Unix	CIS AlmaLinux OS 8 Server L1 v3.0.0
4.2.12 Ensure sshd LoginGraceTime is configured	Unix	CIS Oracle Linux 8 Server L1 v3.0.0
4.2.13 Ensure sshd LoginGraceTime is configured	Unix	CIS Oracle Linux 7 v4.0.0 L1 Workstation
4.2.13 Ensure sshd LoginGraceTime is configured	Unix	CIS CentOS Linux 7 v4.0.0 L1 Workstation
4.2.13 Ensure sshd LoginGraceTime is configured	Unix	CIS Red Hat Enterprise Linux 7 v4.0.0 L1 Server
4.2.13 Ensure sshd LoginGraceTime is configured	Unix	CIS Amazon Linux 2 v3.0.0 L1
4.2.13 Ensure sshd LoginGraceTime is configured	Unix	CIS Red Hat Enterprise Linux 7 v4.0.0 L1 Workstation
4.2.13 Ensure sshd LoginGraceTime is configured	Unix	CIS Oracle Linux 7 v4.0.0 L1 Server
4.2.13 Ensure sshd LoginGraceTime is configured	Unix	CIS CentOS Linux 7 v4.0.0 L1 Server
4.2.16 Ensure sshd MaxSessions is configured	Unix	CIS Oracle Linux 8 Workstation L1 v3.0.0
4.2.16 Ensure sshd MaxSessions is configured	Unix	CIS AlmaLinux OS 8 Workstation L1 v3.0.0
4.2.16 Ensure sshd MaxSessions is configured	Unix	CIS AlmaLinux OS 8 Server L1 v3.0.0
4.2.16 Ensure sshd MaxSessions is configured	Unix	CIS Red Hat EL8 Workstation L1 v3.0.0
4.2.16 Ensure sshd MaxSessions is configured	Unix	CIS Rocky Linux 8 Server L1 v2.0.0
4.2.16 Ensure sshd MaxSessions is configured	Unix	CIS Rocky Linux 8 Workstation L1 v2.0.0
4.2.16 Ensure sshd MaxSessions is configured	Unix	CIS Ubuntu Linux 18.04 LTS v2.2.0 L1 Server
4.2.16 Ensure sshd MaxSessions is configured	Unix	CIS Oracle Linux 8 Server L1 v3.0.0
4.2.16 Ensure sshd MaxSessions is configured	Unix	CIS Ubuntu Linux 18.04 LTS v2.2.0 L1 Workstation
4.2.16 Ensure sshd MaxSessions is configured	Unix	CIS Red Hat EL8 Server L1 v3.0.0
4.2.17 Ensure sshd MaxSessions is configured	Unix	CIS CentOS Linux 7 v4.0.0 L1 Server
4.2.17 Ensure sshd MaxSessions is configured	Unix	CIS Oracle Linux 7 v4.0.0 L1 Workstation
4.2.17 Ensure sshd MaxSessions is configured	Unix	CIS Oracle Linux 7 v4.0.0 L1 Server
4.2.17 Ensure sshd MaxSessions is configured	Unix	CIS Red Hat Enterprise Linux 7 v4.0.0 L1 Server
4.2.17 Ensure sshd MaxSessions is configured	Unix	CIS Red Hat Enterprise Linux 7 v4.0.0 L1 Workstation
4.2.17 Ensure sshd MaxSessions is configured	Unix	CIS Amazon Linux 2 v3.0.0 L1

Detections

Analytics