Manage Windows user sessions
Monitor, alert, and respond in real time to all user logon events in Windows Active Directory (AD) at a granular level.
Get instant visibility into all Active Directory network access
Track user logon activities and quickly spot risks
Set up automatic alerts and responses to block threats
Interact remotely with any user session from the UserLock console
Get granular Windows session management with UserLock
)
)
)
)
Monitor user logons in real-time
Get instant visibility on who is accessing your network, how, and when. Monitor all session types, including: Remote Desktop, VPN, IIS, cloud, and Wi-Fi.
)
)
)
)
React to threats immediately
With one-click session block, interact remotely with any windows session, and warn users of suspicious events. You can also run scripts to automate responses.
)
)
)
)
Set up custom alerts
Get email or pop-up notifications on suspicious user activity.
)
)
)
)
Access session logs and reports
Track easily user activities and investigate security risks.
Real-time Windows logon monitoring
Monitor user logons in real-time and get instant visibility into who is accessing your network.
View all user session activity, easily view specific sessions and track who is connected, from where, and since when thanks to powerful filters.
)
)
)
)
Choose how to view Windows session information
)
)
)
)
By connected user
User details
Last logoff
Opened sessions
And more
)
)
)
)
By machine in use
Machine details
Opened sessions
Computer localization
And more
Spot and respond to Active Directory session risks quickly thanks to the risk indicator
Easily spot and respond to risks thanks to a risk indicator highlighting suspicious logon connections.
High risk
Simultaneous connections from inside and outside the local network
Frequency of denied logons exceeds a defined limit
Risk
A new session is opened from an existing session with different credentials
An attempt to open a session for an account that is locked and/or disabled in Active Directory
Unprotected
A user account without the protection of UserLock’s logon control policies - and are not eligible for another risk status
New user
Any new user account or a dormant account with new activity. What defines a dormant account can be customized to suit own needs
Inactive user
A user account without any open sessions known by UserLock, after a certain time period (customized) in days
Why choose UserLock’s Windows user session management
Enhance security
Know who is logging in and when. Monitor Windows user logons in real-time to detect suspicious activities and prevent unauthorized access with granular session control policies.
Get comprehensive visibility
See all AD user sessions and track user activities, logon times, and more.
Control sessions remotely
Get automatic alerts and instantly respond to potential threats. Interact remotely with any Windows session, and warn users of suspicious events.
Read the case studyUserLock reduces time spent monitoring the network by 70% to 90%
With UserLock, we have an effective network access management tool that's very simple to manage and easy to understand. It's helped simplify IT's work. ”
Antônio Fernandes S. Oliveira
Network Manager | Pernambuco State Traffic Department
With UserLock we found the logging of AD user login events to be refreshingly clear, easy to understand and complete.
You can set threshold alerts and rules that can react to certain events or incidents that help reinforce your security posture. ”
Ricky Magalhaes
Get instant alerts on Windows user activity for IT and end users
Define active alerts for any user, group or OU based on suspicious activity.
Failed logon attempts
Attempts to logon to default accounts
Activity during non-working hours
Send alerts to one or more recipients via email or as a pop-up notification.
Respond instantly to Windows user activity alerts
React in real-time, either directly in response to alerts or automatically. An immediate response helps reduce the risk of a security breach. Choose from a variety of ways to set up automatic, instant responses to alerts (and free up your IT team to focus on moving your business forward).
Block user sessions with one click
Review and immediately block any suspect user accounts with just one click. This denies all further logon attempts and closes any existing sessions.
Remote session response
Interact remotely with any session, open or locked, to log off users, lock or reset appropriate settings.
Webhooks
Integrate UserLock’s comprehensive logon data into countless other applications.
PowerShell integration
Expedite certain tasks and run scripts thanks to UserLock PowerShell cmdlets.
Read the case studyWith UserLock’s real-time access monitoring and alerts, the administrator can instantly react
and perform corrective actions either by remotely locking, logging off or resetting the appropriate session. This has added a huge value to the organizations’ day-to-day operation. ”
Andreas N.Matheou,
Infrastructure Team Head | Bank of Cyprus
Combine session management with context-based user access restrictions and MFA
For optimal security, use session management alongside UserLock's powerful authentication and contextual access management capabilities.
)
)
)
)
Multi-factor authentication (MFA)
Add an extra layer of security beyond credentials to secure the initial point of access, the logon.
)
)
)
)
Single sign-on (SSO)
Combine SSO with MFA to quickly, securely offer access across a hybrid environment.
)
)
)
)
Contextual access management
Set context-based restrictions to authorize, deny, or limit how a user can access the network.