In the Content Analysis/Malware Analysis device, Max-concurrent-login is set to 1 on CLI but still can access via Web Management through multiple machines. 

Although Max-concurrent-login is set to 1 on the CLI, this is the anticipated behavior of the Content Analysis/Malware Analysis device, which will allow the device to be accessed via Web Management across many clients/machines.

The CLI command "(config)# authentication management max-concurrent-logins 1" restricts concurrent login to only the SSH console.

A Content Analysis/Malware Analysis device is hosted on an NGINX server in a "Common Operating Environment".  When you access "Content Analysis/Malware Analysis device" via CLI, you are accessing the backend OS COE.  CLI exposes COE commands as well as configuration scripts (commands) that affect the Content Analysis/Malware Analysis device. Setting the max-concurrent-logins command affects access to COE, not Content Analysis/Malware Analysis.  

When accessing the Content Analysis/Malware Analysis in the GUI, you are accessing the front end of the Content Analysis/Malware Analysis application that is running in NGINX, which does not support restrictions for concurrent logins set on CLI.

Expected behavior