Idle Session Timeout Configuration on ESW2-550X Switch

Objective

A user can log in to the switch through various methods such as telnet, http etc. The switch maintains an individual session for each method of log in. The configuration of idle session timeout enables the switch to close the sessions after a certain period of time of inactivity. This decreases the security risks and blocks illegitimate users to gain access over open unattended sessions. This helps to prevent security attacks like "session hijack".

This article explains how to configure idle session timeout on ESW2-550X stackable managed switch.

Applicable Devices

• ESW2-550X
• ESW2-550X-DC

Software Version

• v1.2.9.44

Configure Idle Session Timeout

Step 1. Log in to the web configuration utility and choose Administration > Idle Session Timeout. The Idle Session Timeout page opens:

Step 2. Choose the desired timeout intervals for all of the sessions from the available drop-down lists. The drop-down list has a time interval of 1, 5, 10, 30 minutes and Never. The Never option allows the session to be active irrespective of the inactivity time.

• HTTP Session Timeout — The time taken before the HTTP session is terminated. HTTP session is used when the device GUI is accessed from a web browser.

• HTTPS Session Timeout — The time taken before the HTTP Secure session is terminated. HTTPS session is the same as HTTP but in a secured way. The communication will be encrypted compared to the plain text in HTTP.

• Console Session Timeout — The time taken before the Console session is terminated. Console session is used when the device is accessed via console terminal.

• Telnet Session Timeout — The time taken before the Telnet session is terminated. Telnet session is used when the device can be remotely logged in with a telnet protocol.

• SSH Session Timeout — The time taken before the Secure Shell (SSH) session is terminated. SSH (Secure Shell) session is used when the device can be remotely logged in with a SSH protocol.

Step 3. Click Apply.