What Is the “Admin Hold On” Feature?

Did you know that most network security devices come with a built-in feature that allows the administrator to monitor and track all activity on the protected network? It’s true, most security appliances have a functionality known as the “admin hold on” that allows the network administrator (aka “admin”) to monitor and restrict all device activity on the protected network. In this scenario, the admin holds on to the power button on the device to prevent any unauthorized activity. This feature can also be accessed from the device’s Web UI to perform various functions, such as viewing device activity, viewing log files, and viewing event details.

Traditionally, this functionality was available on larger devices that have a lot of memory and processing power. However, modern network security appliances have been designed with this functionality to allow for easy management and monitoring even from a smartphone or other compact device. In this article, we’ll discuss what is the “admin hold on” feature and how to enable it on your network security device.

What Is the “Admin Hold On” Feature?

The “admin hold on” feature exists to allow the administrator to monitor and restrict all activity on the device, including network sessions, attempts to log in, and attempts to contact other devices on the network. Let’s break down exactly what happens when the admin holds on to the device’s power button:

The Protected Network Becomes Unavailable

If the administrator clicks the power button on a device while it’s connected to the network, the device will enter a locked state. In this state, all network activity (including sessions and log-ins) is automatically restricted so that only the administrator can access the device. In addition, all outbound network connections are blocked so that no other devices can contact the one that was previously connected to the network. This state persists until the administrator releases the power button or the device is disconnected from the network. It is possible to have multiple admins holding on to the device’s power button, in which case, each admin will only be able to monitor and restrict network activity from the device under their control.

This state is similar to a “brick” in electronic construction that prevents all activity on the device. In other words, the device becomes completely impotent until the administrator resolves the issue. It is critical to note here that this state is unavoidable if the device is powered on and connected to the network. In other words, it is not a “brick” that can be easily removed from the device. When the device is in this state, no diagnostic information is available to assist with troubleshooting. In general, it is not recommended to use this state as a daily driver because all network activity is restricted and it is unknown when or if the device will recover. However, this state is necessary in the event of a network security breach or other critical situations where immediate action is required.

The Web UI Is Available To The Administrator

Access to the device’s Web UI is also restricted in the locked state. For this reason, network security admins will often use a separate computer or mobile device to access the protected network. In addition to allowing for easier management and monitoring, this scenario allows for multiple admins to access the Web UI simultaneously. If the device’s Web UI is accessible from a separate computer, each admin can independently monitor and restrict network activity from the device under their control. This feature is also accessible through a mobile phone’s browser to provide the same type of functionality. Simply type in the network address (usually beginning with “https”) into the phone’s browser to access the device’s Web UI.

Event Logs And Settings Are Viewable

When the device is in the locked state, event logs and the settings of the device are also visible. This means network admins can view the history of events that have occurred on their network. For example, if a device logs in as a result of a brute force password attack, the network admin will be able to view this event in the event log (along with other similar events). This feature provides transparency into exactly what is occurring on the network. In addition, the settings of the device can be viewed and adjusted to create the necessary boundaries for network security. For instance, if the network admin notices that a particular device on the network always attempts to log in at the same time every day (which provides the attacker with a consistent entry point into the network), they can change the timing of this login in order to restrict the attacker’s access. Similarly, they can change the device’s passwords or alter its firewalls to restrict its access to the network. This feature allows for complete visibility into the operation of the network. It also allows for complete control over all aspects of the network’s operation, which can be a beneficial tool for network admins who are familiar with the platform.

It is important to note here that this state can only be accessed through the device’s Web UI or a mobile phone’s browser in conjunction with the network’s domain name. In other words, the device’s Web UI and all network activity is accessible only through the network’s domain name (such as https://mycompany.com). If an unauthorised device attempts to access the network through an IP address, the request will be denied because the device does not have permission to access the network through this address. For instance, if a device attempts to access the network through 192.168.0.1, the request will be denied because the administrator does not have this device on the network. Similarly, if the device is located on another network (known as a “remote network”) and tries to access the protected network using its IP address, the request will also be denied. This is because the device is located on a different network and does not have permission to access the protected network through its IP address. This is also why it is important to have a DNS server on the network to provide consistent domain names for devices on the network. Without a DNS server, a device will not have a domain name and will therefore be unable to access the Web UI or any network activity that is accessible through a domain name.

Additional Benefits Of The “Admin Hold On” Feature

It should be noted that not only does the “admin hold on” feature provide a lot of convenience for the network admin, it also has several other benefits. For example, if a device is located on the network and attempts to access the Web UI using an IP address that is disguised or spoofed, the administrator can determine whether or not this is an unauthorised device by looking at the IP address that was used to attempt the request. In addition, if a device is located on the network and attempts to access a private resource (such as a database or a device that provides remote storage or computing), the administrator can determine whether or not this is an unauthorised device by looking at the IP address that was used to attempt the request. In some instances, the administrator can also block this device from accessing the private resource. It is also possible to have multiple admins holding on to the device’s power button, in which case, each administrator can independently monitor network activity from the device under their control. This feature provides complete control over all aspects of the network’s operation and can be a beneficial tool for network admins who are familiar with the platform.

As mentioned earlier, most network security devices have a built-in feature that provides the network administrator with the ability to monitor and restrict all activity on the device. However, not all devices provide this feature, so it is important to know what it is before purchasing a product that does not have this functionality. In the end, having a device without this feature may end up being more harmful than having one that has it. This is because the device without the feature will be unable to provide any security at all. In other words, the device will be a “brick” in electronic construction that is completely impotent and incapable of providing any meaningful security for the network. Not having this feature on a device can hinder its effectiveness as a network security appliance and leave the network more vulnerable to attacks because there is no way to monitor or restrict it.

How To Enable The “Admin Hold On” Feature

To enable the “admin hold on” feature on a device, you will need to first connect the device to the network (either through wireless or wired connections), then click the settings button located at the very bottom of the device. From here, you will need to click on the network link to bring up a list of your connected networks. Once you have selected the network you wish to protect, click the “admin” button to bring up a list of all connected devices. You can then click on the device you wish to restrict network access of to connect to it. Following this, click “Save Changes”.

Scroll to Top