Restrict Active Directory access by session type
Set session-based access policies for Active Directory identities. With UserLock, secure and manage user logins granularly across all Active Directory session types.
Smart, lightweight security for a modern workforce
Reduce the risks of remote access to your network. With session based policies, UserLock protects against unauthorized or suspicious access.
)
)
Use case example 1
Secure VPN logon access to an authorized machine
To ensure users can work securely outside of the office, IT administrators can restrict VPN access to an authorized company laptop. Automatically deny any other access attempt from any other machine.
)
)
Use case example 2
Set up and restrict user logon access to Wi-Fi sessions
Reduce network risks from BYOD access. With UserLock’s Wi-Fi session controls, ensure that anyone who gains access to your network, on any device, is the legitimate owner of the credentials being used.
)
)
Use case example 3
Secure remote logon to company email outside of the office
Many organizations offer employees remote access to their Exchange mailbox through Microsoft web server IIS (Internet information Services). Services include Outlook Web Access (OWA) for web browsers or ActiveSync for mobile access. UserLock can protect these IIS sessions using either ISAPI filters or HTTP modules.
Comprehensive session-based access control
Monitor and restrict access across all session types. UserLock puts IT in control with granular session-based and context-based access policies.
Granular login restrictions
Set and enforce login restrictions by origin, number of simultaneous connections, concurrent logons, and time. Define different restrictions for different session types.
Real-time monitoring
See the session type in all UserLock activity views. Track who is connected, from where, since when, and via what session type.
Alerts
Define alerts on events by session type(s) so you can immediately respond to suspicious behavior and reduce the risk of security breaches.
Reports
Filter access reports by session type to easily create reports on access for certain types of sessions.
More context aware restrictions
Restrictions by time constraints work alongside the other UserLock contextual access restrictions (session type, number of simultaneous connections and origin) to best protect and secure Active Directory user access.
)
)
Simultaneous connections
Prevent concurrent logins for a single user and limit the number of initial access points to ensure all access is attributed to a single AD identity.
)
)
)
)
Origin
Limit access by location with controls at workstation, device, IP range, organizational unit (OU), department and country.
)
)
)
)
Time
Limit access to specific timeframes and set daily, weekly or monthly time quotas, maximum session times and idle session time.
)
)
)
)
Remotely manage, respond and logoff Windows Session Events
UserLock allows administrators to easily track, manage and respond to Windows sessions remotely. Real time visibility and reaction to user activities, helps both optimize PC resources and save time.
Read)
)
)
)
UserLock reduces password sharing for students and staff
Thanks to UserLock, the Sherburn High School IT team has reduced password sharing among students and decreased the number of sessions left open.
Read)
)
)
)
UserLock enforces a single session per user to optimize shared computer lab resources
IT administrators define and enforce only a single session for each Active Directory user account to stop users monopolizing shared computing resources.
Read