--- title: "Intrusion Prevention" slug: "intrusion-prevention-1" updated: 2023-04-18T16:36:24Z published: 2023-04-18T16:36:24Z --- > ## Documentation Index > Fetch the complete documentation index at: https://docs.zpesystems.com/llms.txt > Use this file to discover all available pages before exploring further. # Intrusion Prevention The Intrusion Prevention section allows configuration of preventive mechanisms (i.e., Fail 2 Ban, Rescue Mode) to prevent unauthorized access to a System. The following settings are available: **Intrusion Prevention Settings** | **Setting** | **Value** | **Description** | | --- | --- | --- | | Block host with multiple authentications fails. | TRUE/FALSE | Blocks host from access after the maximum limit of failures occur. | | Period Host will stay blocked (min). | Number in minutes | Amount of time the system is not reachable on the network (default: 10). | | Timeframe to monitor authentication fails (min). | Number in minutes | Amount of time when failed authentication attempts maxed, and before the counter gets reset (default: 10). | | Number of authentication fails to block host. | Number | Number of failed authentication attempts before the user is blocked (default: 5). | | Rescue Mode requires authentication. | TRUE/FALSE | When enabled, Rescue Mode requires authentication through a local user account (i.e., root). | | Password protected boot | TRUE/FALSE | When enabled, editing BIOS and Grub requires authentication based on the defined password. | | Enable Secure Boot | TRUE/FALSE | When enabled, only ZPE-signed OS with ZPE standard certificates in BIOS are permitted to boot. | | SED PBA Version | Read only text | Pre-Boot Authenticator Version installed in the SSD. | | Self-encrypting drive | TRUE/FALSE | When enabled, all SSD data is automatically encrypted. | | Lock password menu: Random Auto Generated | Radio button | Select to generate a ZPE random password. | | Generated password | Read only text | Auto-generated Lock password. **WARNING**! SAVE THIS PASSWORD (Lock Password is required to disable this feature.) | | User defined | Radio button | Enter user defined Lock password. | | Lock password | Read only text | Enter Lock Password. **WARNING**! SAVE THIS PASSWORD (Lock Password is required to disable this feature.) | | Confirm lock password | Read only text | Confirm Lock Password. **WARNING**! SAVE THIS PASSWORD (Lock Password is required to disable this feature.) | **NOTES**Password Protected Boot is a patent-pending feature that allows Nodegrid OS to communicate with BIOS to enable the BIOS password to prevent unauthorized changes. The same password also protects Grub from unauthorized changes. The Password Protected Boot feature requires minimum BIOS version of 81122T00. On the WebUI, see About information for the current version.