See all insights
Apply 2FA on Windows AD logins, IIS, VPN, RDP & RD Gateway, Off-network and SaaS connections.
Choose between push notifications, Token2, YubiKey, or authenticator apps as MFA methods.
Secure access to cloud apps with SSO combined with MFA and context-aware restrictions.
Track, alert and respond to all user access activity in real time, and get centralized auditing for detailed reporting.
Control how users access the network based on machine or device, time, session type or simultaneous connections.
Access UserLock from any machine in the network, with all-new features only available in the web app.
Download as PDF
Whether because of exploited users, careless errors, malicious actions or external attacks, your employees’ login credentials can be effortlessly compromised. And when they are, your anti-virus, anti-intrusion, firewall and other security technologies won’t flag anything unusual. Those tools believe that if the person accessing your network enters the right credentials, then they are exactly who they say they are – an authenticated user with authorized access!
Knowing that the majority of data breaches stem from compromised credentials, organizations need to better protect access for all employee logins – not just the privileged users/administrators. Any account with access to data that is sensitive, privileged or otherwise valuable is at risk.
By adding two-factor authentication (2FA), single sign-on (SSO), contextual restrictions and real-time insight around logon activity, UserLock helps administrators secure, monitor and respond to user access, preventing damage before it’s done.
And with UserLock, access to any data or resource is now always identifiable and attributed to one individual user. This accountability discourages an insider from acting maliciously, and makes all users more careful with their actions. It’s also necessary for many organizations to fulfill common compliance or cyber-insurance requirements.
Verify the identity of all users with strong two-factor authentication (2FA) on Windows logon, Remote Desktop (RDP & RD Gateway), IIS, VPN and Cloud Applications. Using authenticator applications, push notifications, or programmable hardware tokens such as YubiKey or Token 2, administrators can customize the circumstances under which 2FA is asked.
Choose the MFA method that's best for your team:
UserLock Single Sign-On (SSO) gives employees secure and frictionless access to Microsoft 365 and cloud applications – from wherever they work – using only their on-premises Active Directory (AD) credentials with SAML 2.0 federated authentication. Organizations can retain AD as the authoritative identity provider, while extending it to work with the cloud.
Administrators can set rules to authorize, deny or limit any login (including remote access) based on contextual factors like machine, location, time, session type, or number of simultaneous connections.
Real-time visibility into all user access gives administrators insights into potential threats and the ability to respond to any session, directly from the console. And, a centralized audit for reporting on all AD user login activity allows administrators to report on who was connected, from which system(s), since what time, for how long, etc.
Allows IT to interact remotely with a suspect session, to lock the session, log off the user, or even block them from further logons.
Download the new, intuitive UserLock Web App in version 11.2 to monitor, respond, and report on network sessions quickly and easily, from anywhere.
Set up alerts to notify IT and the user themselves of inappropriate logon activity and failed attempts.
Works seamlessly alongside your existing investment in Active Directory, reducing complexity and frustration for IT teams. No modifications are made to accounts, structure or schema.
Easily adopted by end-users with the best balance of security and usability. Granular controls allow for customized restrictions that protect access without getting in the way of employee productivity.
Quick to deploy and intuitive to manage, administrators can set up UserLock in minutes on a standard Windows Server.
AD Group level controls and an automated deployment engine make implementation easy for any number of users.
Building on your investment in AD, UserLock offers additional, effective and affordable security.
Helps expedite and/or schedule certain tasks and execute personalized requests on the information within UserLock.
Integrate the valuable data managed by UserLock with other solutions to improve overall IT security management.
A UserLock backup server can be installed to guarantee failover.
Supported operating systems include Windows Server 2003 or higher and Windows 7 or higher.
Active Directory required (for workgroups, see the Standalone Terminal Server UserLock server type).
Functional level of forest and domain: Windows Server 2003 or higher.
UserLock supports the following operating systems:
For all information on requirements
Start your free trial today
IS Decisions is a global software company specializing in access management and MFA for on-premises and hybrid active directory environments. Trusted by over 3400 organizations, we offer proven solutions for both small to medium-sized businesses (SMBs) and large organizations, including some of the most regulated and security-conscious organizations in the world.
PDF Version - 610 KB
Free number for US & Canada: + 1-800-492-3951
GMT +1: +33 5 59 41 42 20
© IS Decisions