Configuring system settings : Configuring system time, options, and other system options : Configuring system options
Configuring system options
The System > Configuration > Options tab lets you set the following global settings:
system idle timeout
LCD panel and button access restriction (for the models that have front LCD panel and control buttons)
login disclaimer
password enforcement policy
administration ports on the interfaces
To access this part of the web UI, your administrator account’s:
Domain must be System
access profile must have Read-Write permission to the Others category
For details, see “About administrator account permissions and domains”.
To view and configure the system options
1. Go to System > Configuration > Options.
2. Configure the following:
 
GUI item
Description
Idle timeout
Enter the amount of time that an administrator may be inactive before the FortiMail unit automatically logs out the administrator.
Note: For better security, use a low idle timeout value.
LCD Panel (models with LCD panels)
 
 
PIN Protection
Enable to require administrators to first enter the PIN before using the LCD display panel and control buttons on the FortiMail unit, then enter the 6-digit PIN number.
This option appears only on FortiMail models whose hardware includes an LCD panel.
Caution: For better security, always configure an LCD PIN; otherwise, anyone with physical access can reconfigure the unit.
Login Disclaimer Settings
The disclaimer message appears when an administrator or user logs in to the FortiMail unit web-based manager, the FortiMail Webmail, or the FortiMail unit to view the IBE encrypted email.
 
Login disclaimer
You can use the default disclaimer text or customize it.
 
Reset To Default
(button)
If you have customized the disclaimer text but want to use the default text, select this button.
 
Apply to login page
Admin: Select to display the disclaimer message when the administrator logs in to the FortiMail unit web-based manager.
Webmail: Select to display the disclaimer message when the user logs into the FortiMail Webmail.
IBE: Select to display the disclaimer message when the user logs into the FortiMail unit to view the IBE encrypted email.
Password Policy
Displays the password policy for administrators, FortiMail Webmail users, and IBE encrypted email users.
 
Enable
Select to enable the password policy.
 
Minimum password length
Set the minimum acceptable length (8) for passwords.
 
Password must contain
Select any of the following special character types to require in a password. Each selected type must occur at least once in the password.
Uppercase letters — A, B, C, ... Z
Lowercase letters — a, b, c, ... z
Number — 0 ... 9
Non alphanumeric character — punctuation marks, @,#, ... %
 
Apply password policy to
Select where to apply the password policy:
Administrators — Apply to administrator passwords. If any password does not conform to the policy, require that administrator to change the password at the next login.
Local mail users — Apply to FortiMail webmail users’ passwords. If any password does not conform to the policy, require that user to change the password at the next login.
IBE users — Apply to the passwords of the users who access the FortiMail unit to view IBE encrypted email. If any password does not conform to the policy, require that user to change the password at the next login.
Administration Ports
Specify the TCP ports for administrative access on all interfaces.
Default port numbers:
HTTP: 80
HTTPS: 443
SSH: 22
TELNET: 23