Apply 2FA on Windows AD logins, IIS, VPN, RDP & RD Gateway, Off-network and SaaS connections.
Choose between push notifications, hardware devices, or authenticator apps as MFA methods.
Secure access to cloud apps with SSO combined with MFA and context-aware restrictions.
Monitor, alert, and respond in real time to all user access activity.
Control how users access the network based on machine or device, time, session type or simultaneous connections.
Get centralized auditing across your network and report on all Windows user access events.
Here again, Windows does provide logon workstation restriction functionality on a user-by-user basis.
A System Administrator can go into a user's account and restrict him to only being able to log on from specific computers, but there is no way to do it by group and this is a real deterrent to implement and enforce an efficient access security policy. It is indeed very relevant to reduce the number of computers on which an account could be attacked or exploited if someone guesses the password or gets it using social engineering techniques and therefore reduce your Windows network attack surface.
This feature is nonetheless and logically required for an Information System to comply with major regulatory constraints, including:
UserLock allows user group's network access restriction per workstation, IP range or Organizational Unit. By doing this, users can be limited to their own workstation, department, floor, building…
Share this page:
Select language:
Business privacy policy - User License Agreement - General conditions - Manage your cookies
© IS Decisions