Deephealth PACS Server
Click here to see this page in full context

The PACS Server

Security Settings

The security settings give administrators the ability to secure network traffic between a user and the server, terminate inactive user sessions and define minimum password strength. Since encrypted communications can negatively impact network performance, the Secure Connection setting does not control the security of the DICOM communications. Secure DICOM is configured through the definition of the DICOM TLS port and protocol in the Devices table.

See: DICOM Server

The password strength requirements force users to define strong passwords. Passwords that fail to meet these requirements cannot be saved.  

 To set the security settings:

  1. Go to the Admin/Server Settings tab
  2. Select Security Settings
  3. Set the parameters
  4. Select the Save icon

Setting Default Description
Secure connection Auto Force communications to use secure protocol.
Inactivity timeout 60 User inactivity timeout period. In minutes.
Authentication agent Built-in When LDAP is configured, use the built in authentication agent or one of the available LDAP servers. See: LDAP Configurations, Multilevel User Authentication.
Use multilevel authentication Disabled Applied multilevel authentication delivery methods. Options include Email and SMS. When selected, the user account's email address and/or phone number become required fields. Note that SMS use requires Radar Messaging settings.
Confirm code length 6 Defines the length of the multilevel authentication confirmation code sent to users.
Confirm code contains Numbers Defines the require characters contained in the multilevel authentication confirmation code.
Multilevel authentication cookie expiry 30 Multilevel authentication cookie validity period. In days.
Permit same contacts for different user accounts Disabled When enabled, multiple user accounts can share the same contact information used for MFA. This setting is not recommended. Click the neighboring yellow triange icon, if available, to download a list of existing user accounts sharing a common email address or phone number.
Delete all trusted login data Delete all saved trusted login data to force re-validation.
Max. failures before locking the user 0 Number of failed login attempts before locking account. Set to 0 for unlimited.
System auto-unlock time 0 Time to wait to auto-unlock a locked user account. In minutes. Set to 0 for no auto-unlock.
Check failed logins for  1 Number of days included in failed login counts. In days.
Minimum password length 5 Minimum password string length.
Minimum password strength Low Minimum password strength.
Required password characters Minimum password characteristics. Options include at least one upper case character, at least one lower case character and at least one numeric charactor.
Generate SSL code signing request file Generate and download an SSL code signing request file. Enter the required data to download a CSF file from a certificate authority. 
Upload SSL Certification Upload an SSL certificate obtained from your certificate authority. This results in a system restart.