Configuring delay login policy

You can delay a users login for a specified amount of time based on the context and behavior (failing login attempts).

1. Navigate to Protect > Policies page.
2. On the Login Policy tile, click the Add Action drop-down and then select the Delay Login action.
   
   
   

   A default policy gets created for the Delay Login.

   
   
   

   You can either Save the policy or you can edit the default policy variables.

3. To specify which Groups the action applies to:
   Groups can be locally defined groups, security groups and OUs pulled from active directory.

   Note: By default, Any is selected which means policy is applicable to all groups.

   Available options are:

   • Any
   • Selected
   1. Click the Any value to open the Select Groups dialog box.
   2. To limit the policy to selected groups, click Selected option.
      
      
      
   3. To add a group, click the green plus icon and then select the group from the drop-down you wish the action to apply to.
      You can add as many groups as needed for the policy.
   4. Select the Negate checkbox to apply policy line to every group except the group you selected.
   5. To save the selected group(s), click Ok.
4. To specify which Device the action applies to:
   Note: By default, Any is selected which means policy is applicable to all devices including unmanaged devices.

   Available options are:

   • Any
   • OS & User-Agent
   • Device Profile
   If you want to select common operating systems and/or User-Agent Strings:
   1. Click the Any value to open the Device dialog box.
   2. Select OS & User-Agent option.
   3. Select the applicable operating systems.
      
      
      Available options are Apple iOS, Apple Mac OS X, Google Android, Google Chrome OS, Microsoft Windows Phone, Microsoft Windows PC and Other OS.
   4. To limit the policy to matches of selected operating systems along with any user-agent strings, click the green plus icon and then enter the string(s).
      You can add as many user-agent strings as needed for the policy.
   5. Select the Negate checkbox to apply policy line to every device except the device you selected.
   6. To save the selected device(s), click Ok.
   If you want to select device profile:
   1. Click the Any value to open the Device dialog box.
   2. To limit the policy to selected device profiles, click Device Profile option.
      
      
      
   3. To add a device profile, click the green plus icon and then select the device profile from the drop-down you wish the action to apply to.
      You can add as many device profiles as needed for the policy.
   4. Select the Negate checkbox to apply policy line to every device profile except the device profile you selected.
   5. To save the selected device profile(s), click Ok.
5. Apply specific actions when a user is accessing from certain Location:
   Available options are:
   • Any
   • Selected
   1. Click the Any value to open the Select Locations dialog box.
   2. To apply specific actions when a user is accessing from certain locations, click Selected option.
      
      
      

      You can restrict or block users entirely from unsafe or untrusted locations and restrict or control where a user is accessing the cloud application from (either geographic location or IP).

   3. To select a location, click the green plus icon and then select the location from the drop-down you wish the action to apply to.
      You can add as many locations as needed for the policy.
   4. Select the Negate checkbox to apply policy line to every location except the location you selected.
   5. To save the selected location(s), click Ok.
6. Select a unique Behavior at login that will trigger the policy action.
   1. Click on the default behavior to open Behavior dialog box.
      
      
      
   2. Configure a behavior based on consecutive login failures within a specified time to trigger delayed logins.
   3. To save selected details, click OK.
7. Select a specific Time Range (days of the week or workday hours) for when the action will apply.
   Available options are:
   • Any
   • Selected
   1. Click on the default time range to open Time Range dialog box.
      
      
      

      You can select Any to apply action any time and day or you can select Selected to prevent users (especially contractors) from having accessing beyond work hours and days.

      Note: When you select Selected, approved start time, end time, and days are shown for region.
   2. Select the Start time.
   3. Select the End time.
   4. Select the applicable Day(s).
      Available options are Sun, Mon, Tue, Wed, Thu, Fri and Sat.
   5. To save selected details, click OK.
8. Select the Action to be taken when a policy is met.
   1. Click on the default action to open Action dialog box.
      
      
      
   2. To delay a user login for a specified amount of time based on the context and behavior, select the duration from the Delay login for drop-down.
      Available values are 2min, 5min, 10min and 15min.
   3. To notify about the delay login to user, select the appropriate User Email.
   4. To notify about the delay login to group, select the appropriate Group Email.
   5. To generate a Forcepoint alert, select the Generate Alert checkbox.
      Admin can view Forcepoint alerts from Analyze > Alerts page.
   6. To save selected details, click OK.
9. To save the updated policy, click Save.