See all insights
Two-Factor Authentication Solution for Windows & RDP Logons
Under a Cloud of Suspicion
Auditing File Access in the Cloud
Information Security Advice for SMB (Infographic)
The Role of File Auditing in Compliance
Key Indicators of Compromise to Prevent a Breach
Logon session monitoring is different than logon session reporting.
Logon session monitoring is being able to say, in real time, who is logged on at which computers and to answer two questions:
And for the same reasons, there is no way to do that with your native Windows functionality.
Instead, what you have to do is figure that out one server at a time. You can go to a given single server, go to Computer Management > Shared Folders > Sessions, and you can look it up that way.
But this is even more important in some ways (for instance, with job terminations) when you need to determine immediately where is this specific user, what are all the computers where this user is potentially logged on, and you have to get him off your network.
It can also be about a resource contention issue: if a resource is currently locked by a user but that user is not at his usual workstation, a System Administrator cannot raise him on the phone or whatever to get him off.
Logon session monitoring is nevertheless required for an Information System to comply with major regulatory constraints, including:
UserLock allows real time session surveillance and monitoring; at all times the administrator knows who is connected, from what workstation(s), since when…
Share this page:
Free number for US & Canada: + 1-800-492-3951
GMT +1: +33 5 59 41 42 20