Access restrictions for Wi-Fi, VPN and IIS Sessions

UserLock enables network administrators to control and secure access across all different sessions types:

Interactive sessions

(sessions with a desktop)

Wi-Fi & VPN sessions

(RAS session using RRAS or RADIUS)

IIS sessions

(Intranet, Outlook Web Access…)

Secure network access for a remote and mobile workforce

Each of the granular login restrictions that can be set and enforced in UserLock take into consideration the session type (workstation, terminal, interactive, Internet Information Services, Wi-Fi/Radius or VPN/RAS).

This empowers IT teams to secure network access across all session types and immediately respond to any suspicious behavior, whether it originates on PC, laptop, tablet or smartphone – something that is very important in the age of remote working and bring-your-own-device (BYOD).

Control a wireless network and secure BYOD environments

With BYOD quickly becoming the rule rather the exception, native Windows Server functionality does not provide adequate means to secure user access from personal devices.

UserLock alleviates this increased risk to corporate security by empowering IT to control, limit, track, record and automatically block all inappropriate or suspicious sessions across Wi-Fi and/or VPN sessions.

Be sure that whoever is gaining network access, via whatever device, is the owner of those credentials.

  • Define a maximum number of simultaneous Wi-Fi/VPN sessions that a user can open. (If you specify 0 users will not be able to open a Wi-Fi/VPN session)
  • Limit working hours or session time to limit the risks that come with BYOD
  • Monitor and respond to suspicious access behavior – be that log ins from new devices or at odd times.

Control access to company email outside of the office

Many organizations offer employees access to their company mailbox from outside the office. This is most likely accomplished by either using Outlook Web Access (OWA) with a web browser or by using their phone with an ActiveSync mail client.

Because these two common ways to access an Exchange mailbox are both based on the Microsoft web server IIS (Internet information Services), organizations can use the IIS agent introduced with UserLock to protect these IIS sessions and help control access to company email outside of the office.