Specifications
34
• Maximum Logon Cookie Age: Maximum age of the cookie that is used persist the logon if
the browser is closed. A value of -1 will mean that the user will have to logon every time the
browser is opened.
• Multiple Sessions: Defines whether the same user can log on multiple times. This option
configures whether the same user is able to log into the system more than once
simultaneously. The final ‘Single Session per User / IP Address’ is the most restrictive. This
setting will prohibit the same user from accessing the Barracuda SSL VPN from two different
locations simultaneously, locking down the user so that he or she can open a single session
from a single machine.
• Verify Client Address: When checking logon state, verify the remote address of the request
against the address recorded at logon. This prevents re-use of logon cookies from other
clients.
• Lock Session on Browser Close: Enabling this option will force the user to provide their
password upon opening a new browser and returning to the site.
Confidential Attributes
Confidential attributes are used by the system to store personal information about the user such as
security questions which are used during authentication. These options configure how these attributes
are encrypted.
• Confidential Mode: Determines how the passphrase for the user's private key is established.
Attributes are stored by encrypting them with a user's public key so that they can only be
decrypted by the corresponding private key. With automatic the passphrase for the private key
is automatically configured as the users account password. If no account password has been
provided then it will be prompted for instead. When set to Prompt the user will be prompted
for the passphrase upon logon meaning that the passphrase will be independent of the user’s
password. Disabled will prevent the key being used at all, meaning confidential user attributes
will not be encrypted at all.
• Mask Personal Answers: Checking this option hides the actual user responses with asterisk.