<p>The default security settings of TIM Enterprise allow for ease of 
installation and are suitable for the needs of most organisations.  
However, if your organisation's IT security policy demands it, or you 
plan to expose the system to an untrusted network such as the Internet, 
it is recommended you harden the security using the methods described 
below.</p>

NOTE: After changing any of the following settings, you will need to restart the TIM Enterprise service before changes will take effect.

<h2>Blocking invalid login attempts</h2>

<p>The system can blacklist the source IP address of a would-be attacker if
 a number of unsuccessful access attempts are made within a specified 
period of time.  The following two Registry entries determine how many 
invalid login attempts are permissible before the source IP is 
blacklisted and, if so, for how long the blacklist will remain in place 
until further attempts are entertained:-</p>

<table class="confluenceTable">
	<tbody>
		<tr>
			<th class="confluenceTh" width=166>Registry String data value</th>
			<th class="confluenceTh">Description</th>
		</tr>
		<tr>
			<td class="confluenceTd"><span class="keyword">FloodFailCount = 0</span></td>
			<td class="confluenceTd">Number of attempts</td>
		</tr>
		<tr>
			<td class="confluenceTd"><span class="keyword">FloodLockTime = 60</span></td>
			<td class="confluenceTd">Lockout duration</td>
		</tr>
	</tbody>
</table>

<p>All Registry keys for TIM Enterprise are located in the following hive:-</p>

<img id="border" src="http://www.tri-line.com/common/img/documentation/tim_enterprise/windows_registry.png" alt="Windows registry" />