Enforce user logon restrictions with contextual access management

Use the contextual information around a user’s logon to authorize, deny, or limit how a user can access the network, alongside multi-factor authentication (MFA).

  • Ensure appropriate employee access without frustration
  • Enhance security without adding work for IT
Start a free trial Book a Demo
Control and protect

Restrict access based on contextual factors

Go beyond existing Active Directory capabilities to easily apply customized login restrictions by user, group, or organizational unit (OU). Automatically block any logon attempts that don’t satisfy these granular access control security policies.

Origin

Origin

Limit access by workstation, device, IP range, organizational unit (OU), department and country.
Learn more

Time

Limit access to specific hours, set daily, weekly, or monthly time quotas, maximum session times, and idle session time.
Learn more

Session typeSession type

Session type

Control workstation, terminal, Wi-Fi, VPN, IIS and SaaS sessions to protect both interactive sessions and network access for remote and mobile users.
Learn more

Simultaneous Connections

Simultaneous Connections

Limit the number of initial access points and prevent concurrent sessions from a single user identity.
Learn more

Why choose contextual access management?

  • Enhance security
    Adapt your security measures to the situation, and drastically reduce both the risk of a data breach and the burden on your team. Context-aware access controls are especially useful to secure remote employee access.
  • React in real time
    Ensure access security remains intact thanks to UserLock’s real-time enforcement of context-based access restrictions.
  • Prevent threats proactively
    Identify suspicious access attempts before they escalate. UserLock’s contextual approach allows you to easily spot anomalies and take action to mitigate potential threats.

  • Keep end users happy
    Choose your own balance between security and usability, and create a seamless, efficient experience for end users.

Deliver the right access, at the right time, to the right person

Set effective restrictions granularly to protect against unauthorized access, even if credential compromise happens.

  • Set restrictions by user, group or OU
  • Restrict access by machine or workstation
  • Deny simultaneous connections
  • Limit access to specific timeframes
  • Secure VPN access to an authorized machine
  • Protect any remote access
  • Apply temporary controls

Explore common use cases

View all contextual logon restrictions for specific users, groups or OUs

Example: Display restrictions set for the user Alice:

Concurrent sessions allowed

Initial access points

Limited to 1

Workstation sessions

Limited to 1

Terminal sessions

Limited to 0

Restriction settings

Authorized the following list

Interactive

WKS005

Station

10.1.2.15-10.1.2.30

Interactive

OU=SalesWKS,OU=Sales,DC=MyDomain,DC=local

Restriction settings

Authorized the following list

Interactive

Mon to Fri: 08:00:00 to 19:00:00

Workstation

Saturday: 09:00:00 to 13:00:00

Action to take in case of overtime

Logoff session

Maximum session lenght

Limited to 15 min

Logoff notification timeout

Limited to 5 min

Workstation

Week:37:00:00

Allow to logoff an existing session if the number of allowed sessions has already been reached

Disabled

Allow only one unlocked interactive session

Disabled

Display the welcome message

Enabled

Warn users in real time of all connection events involving their credentials

Enabled

Meet compliance with context-aware access controls

Demonstrate system access controls, user identity verification, shared login restrictions, and simultaneous login prevention to meet compliance and insurance requirements.
Learn how UserLock supports compliance:

GDPR

Address GDPR compliance
to keep personal data safe

HIPAA

Address HIPAA compliance
to keep patient data safe

PCI DSS

Address PCI DSS compliance to keep sensitive cardholder data safe

Sarbanes Oxley’s (SOX)

Comply with Sarbanes Oxley’s (SOX) security regulations

ISO 27001

Address network and information access for ISO 27001 compliance

NIST 800-53

Address NIST 800-53 and NIST 800-171 compliance to keep federal data safe

"UserLock is simple to install, easy to configure and offers a level of protection that all small, medium and large business should be implementing as part of their security roadmap."

"UserLock offers Windows server administrators powerful access protection to prevent internal and external threats related to compromised credentials."

"Organizations need to control who has access to their systems, networks, and company-sensitive information. UserLock provides businesses with facilities that strengthen network logon security."

"The control over a user’s ability to log on is granular, but the best feature for me is that it is non-invasive – no schema extensions information left behind to worry about."

Ricky Magalhaes
WindowSecurity.com

HelpNet Security HelpNet Security

Andrew Kellett
Principal Analyst, Infrastructure Solutions, Ovum

Matt Hitchcock,
Active Directory Technical Lead at Barclays Bank

Combine contextual access management with strong authentication and session management

For optimal security, use contextual access management alongside UserLock’s powerful authentication and session management capabilities.

Multi-factor authentication (MFA)

Add an extra layer of security beyond credentials to make sure only the right people gain access.

Single sign-on (SSO)

Combine SSO with MFA to quickly, securely offer access across a hybrid environment.

Session management

Monitor, alert and respond to all Active Directory user logon events.

UserLock

Request a personalized demo now

Discover how UserLock can help you meet your needs.

Demo