Detections
Analytics

800-53|AC-10

Title

CONCURRENT SESSION CONTROL

Description

The information system limits the number of concurrent sessions for each [Assignment: organization-defined account and/or account type] to [Assignment: organization-defined number].

Supplemental

Organizations may define the maximum number of concurrent sessions for information system accounts globally, by account type (e.g., privileged user, non-privileged user, domain, specific application), by account, or a combination. For example, organizations may limit the number of concurrent sessions for system administrators or individuals working in particularly sensitive domains or mission-critical applications. This control addresses concurrent sessions for information system accounts and does not address concurrent sessions by single users via multiple system accounts.

Reference Item Details

Category: ACCESS CONTROL

Family: ACCESS CONTROL

Priority: P3

Baseline Impact: HIGH

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.5.5 Ensure number of concurrent sessions is limitedUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
3.1.11 Set maximum connection limits - MAX_CONNECTIONSUnixCIS IBM DB2 v10 v1.1.0 Linux OS Level 1
3.1.11 Set maximum connection limits - MAX_CONNECTIONSUnixCIS IBM DB2 v10 v1.1.0 Linux OS Level 2
3.1.11 Set maximum connection limits - MAX_COORDAGENTSUnixCIS IBM DB2 v10 v1.1.0 Linux OS Level 2
3.1.11 Set maximum connection limits - MAX_COORDAGENTSUnixCIS IBM DB2 v10 v1.1.0 Linux OS Level 1
3.1.11 Set maximum connection limits - MAXAPPLSUnixCIS IBM DB2 v10 v1.1.0 Linux OS Level 2
3.1.11 Set maximum connection limits - MAXAPPLSUnixCIS IBM DB2 v10 v1.1.0 Linux OS Level 1
3.1.14 Set maximum connection limits - 'max_connections <= 100'UnixCIS IBM DB2 OS L2 v1.2.0
3.1.14 Set maximum connection limits - 'max_coordagents <= 100'UnixCIS IBM DB2 OS L2 v1.2.0
3.1.14 Set maximum connection limits - 'maxappls <= 99'UnixCIS IBM DB2 OS L2 v1.2.0
3.1.14 Set maximum connection limits - MAX_CONNECTIONSIBM_DB2DBCIS IBM DB2 9 Benchmark v3.0.1 Level 2 DB
3.1.14 Set maximum connection limits - MAX_CONNECTIONSIBM_DB2DBCIS IBM DB2 9 Benchmark v3.0.1 Level 1 DB
3.1.14 Set maximum connection limits - MAX_COORDAGENTSIBM_DB2DBCIS IBM DB2 9 Benchmark v3.0.1 Level 2 DB
3.1.14 Set maximum connection limits - MAX_COORDAGENTSIBM_DB2DBCIS IBM DB2 9 Benchmark v3.0.1 Level 1 DB
4.1.12 Set Maximum Number of Applications (MAXAPPLS)UnixCIS IBM DB2 11 v1.1.0 Linux OS Level 1
4.2.12 Ensure sshd LoginGraceTime is configuredUnixCIS Oracle Linux 8 Server L1 v3.0.0
4.2.12 Ensure sshd LoginGraceTime is configuredUnixCIS AlmaLinux OS 8 Server L1 v3.0.0
4.2.12 Ensure sshd LoginGraceTime is configuredUnixCIS Rocky Linux 8 Workstation L1 v2.0.0
4.2.12 Ensure sshd LoginGraceTime is configuredUnixCIS Red Hat EL8 Workstation L1 v3.0.0
4.2.12 Ensure sshd LoginGraceTime is configuredUnixCIS Rocky Linux 8 Server L1 v2.0.0
4.2.12 Ensure sshd LoginGraceTime is configuredUnixCIS Oracle Linux 8 Workstation L1 v3.0.0
4.2.12 Ensure sshd LoginGraceTime is configuredUnixCIS AlmaLinux OS 8 Workstation L1 v3.0.0
4.2.12 Ensure sshd LoginGraceTime is configuredUnixCIS Red Hat EL8 Server L1 v3.0.0
4.2.13 Ensure sshd LoginGraceTime is configuredUnixCIS CentOS Linux 7 v4.0.0 L1 Workstation
4.2.13 Ensure sshd LoginGraceTime is configuredUnixCIS Red Hat Enterprise Linux 7 v4.0.0 L1 Workstation
4.2.13 Ensure sshd LoginGraceTime is configuredUnixCIS Red Hat Enterprise Linux 7 v4.0.0 L1 Server
4.2.13 Ensure sshd LoginGraceTime is configuredUnixCIS CentOS Linux 7 v4.0.0 L1 Server
4.2.13 Ensure sshd LoginGraceTime is configuredUnixCIS Amazon Linux 2 v3.0.0 L1
4.2.13 Ensure sshd LoginGraceTime is configuredUnixCIS Oracle Linux 7 v4.0.0 L1 Workstation
4.2.13 Ensure sshd LoginGraceTime is configuredUnixCIS Oracle Linux 7 v4.0.0 L1 Server
4.2.16 Ensure sshd MaxSessions is configuredUnixCIS Oracle Linux 8 Server L1 v3.0.0
4.2.16 Ensure sshd MaxSessions is configuredUnixCIS Rocky Linux 8 Workstation L1 v2.0.0
4.2.16 Ensure sshd MaxSessions is configuredUnixCIS Red Hat EL8 Workstation L1 v3.0.0
4.2.16 Ensure sshd MaxSessions is configuredUnixCIS AlmaLinux OS 8 Workstation L1 v3.0.0
4.2.16 Ensure sshd MaxSessions is configuredUnixCIS Rocky Linux 8 Server L1 v2.0.0
4.2.16 Ensure sshd MaxSessions is configuredUnixCIS Oracle Linux 8 Workstation L1 v3.0.0
4.2.16 Ensure sshd MaxSessions is configuredUnixCIS Red Hat EL8 Server L1 v3.0.0
4.2.16 Ensure sshd MaxSessions is configuredUnixCIS AlmaLinux OS 8 Server L1 v3.0.0
4.2.17 Ensure sshd MaxSessions is configuredUnixCIS CentOS Linux 7 v4.0.0 L1 Workstation
4.2.17 Ensure sshd MaxSessions is configuredUnixCIS Red Hat Enterprise Linux 7 v4.0.0 L1 Workstation
4.2.17 Ensure sshd MaxSessions is configuredUnixCIS CentOS Linux 7 v4.0.0 L1 Server
4.2.17 Ensure sshd MaxSessions is configuredUnixCIS Amazon Linux 2 v3.0.0 L1
4.2.17 Ensure sshd MaxSessions is configuredUnixCIS Red Hat Enterprise Linux 7 v4.0.0 L1 Server
4.2.17 Ensure sshd MaxSessions is configuredUnixCIS Oracle Linux 7 v4.0.0 L1 Workstation
4.2.17 Ensure sshd MaxSessions is configuredUnixCIS Oracle Linux 7 v4.0.0 L1 Server
4.2.18 Ensure SSH MaxSessions is set to 10 or lessUnixCIS Amazon Linux 2023 Server L1 v1.0.0
4.2.21 Ensure SSH MaxSessions is set to 10 or lessUnixCIS Ubuntu Linux 20.04 LTS Workstation L1 v2.0.1
4.2.21 Ensure SSH MaxSessions is set to 10 or lessUnixCIS Ubuntu Linux 20.04 LTS Server L1 v2.0.1
4.2.21 Ensure SSH MaxSessions is set to 10 or lessUnixCIS Debian 10 Workstation L1 v2.0.0
4.2.21 Ensure SSH MaxSessions is set to 10 or lessUnixCIS Debian 10 Server L1 v2.0.0