Enforce user logon restrictions with contextual access management

Using the contextual information around a user’s logon, UserLock will authorize, deny or limit how a user can access the network, once authenticated. Manage and control all logon and logon attempts to your Windows AD domain.

Start a free trial Book a Demo
Control and protect

Context-Aware Restrictions Stop Unauthorized Access

Working alongside Active Directory to extend its security, UserLock can apply customized login restrictions by user, group or organizational unit (OU). Any logon attempts that don’t satisfy these conditions are automatically blocked.

Origin

Origin

Limit access by location
with controls at workstation, device, IP range, organizational unit (OU), department
and country.
Learn more

Time

Limit access to specific timeframes and set daily, weekly or monthly time quotas, maximum session times and idle session time.
Learn more

Session typeSession type

Session type

Control workstation, terminal, Wi-Fi, VPN and IIS sessions to protect both interactive sessions and network access for remote and mobile users.
Learn more

Simultaneous Connections

Simultaneous Connections

Limit the number of unique entry points and concurrent sessions to prevent simultaneous logins from a single identity.
Learn more

Userlock Anywhere to protect any remote access

Users working remotely may not always be connected to the corporate network. This ‘offline domain access’ – without a VPN - remains protected by UserLock Anywhere.

  • Keep enforcing contextual restrictions to deny connections and to force remote sessions to close.
  • Continue to respect login policies such as controlling devices, working hours or time quotas.

How to install UserLock Anywhere

Build Effective Restrictions That Protect against Security Breaches

It's tough to identify malicious network access from phished, stolen or shared user login credentials. Your system believes that person on the network is who they say they are. But with UserLock you can build effective restrictions — personalized easily to each employee — that protect against unauthorized access, even when credentials are compromised.

Watch popular Use Cases

Displaying Effective Restrictions UserLock allows you to easily check all effective restrictions
that are applied to a specific user, group or OU.

Example: Display restrictions set for the user Alice:

Concurrent sessions allowed

Initial access points

Limited to 1

Workstation sessions

Limited to 1

Terminal sessions

Limited to 0

Restriction settings

Authorized the following list

Interactive

WKS005

Station

10.1.2.15-10.1.2.30

Interactive

OU=SalesWKS,OU=Sales,DC=MyDomain,DC=local

Restriction settings

Authorized the following list

Interactive

Mon to Fri: 08:00:00 to 19:00:00

Workstation

Saturday: 09:00:00 to 13:00:00

Action to take in case of overtime

Logoff session

Maximum session lenght

Limited to 15 min

Logoff notification timeout

Limited to 5 min

Workstation

Week:37:00:00

Allow to logoff an existing session if the number of allowed sessions has already been reached

Disabled

Allow only one unlocked interactive session

Disabled

Display the welcome message

Enabled

Warn users in real time of all connection events involving their credentials

Enabled

Non Intrusive Security

Non-Intrusive Security That Doesn’t Impede End Users

Transparent to the end-user, contextual access protection ensures employees remain productive and are not unnecessarily interrupted by additional security steps.

Non Intrusive Security

Non Disruptive Technology That Doesn’t Frustrate IT Teams

UserLock is a client-server application that works right alongside Active Directory to enhance its security, not replace it. No modifications are made to Active Directory or its schema.

"UserLock is simple to install, easy to configure and offers a level of protection that all small, medium and large business should be implementing as part of their security roadmap."

"UserLock offers Windows server administrators powerful access protection to prevent internal and external threats related to compromised credentials."

"Organizations need to control who has access to their systems, networks, and company-sensitive information. UserLock provides businesses with facilities that strengthen network logon security."

"The control over a user’s ability to log on is granular, but the best feature for me is that it is non-invasive – no schema extensions information left behind to worry about."

Ricky Magalhaes
WindowSecurity.com

HelpNet Security HelpNet Security

Andrew Kellett
Principal Analyst, Infrastructure Solutions, Ovum

Matt Hitchcock,
Active Directory Technical Lead at Barclays Bank

User Logon Controls Far Beyond Native Windows Active Directory

UserLock helps IT implement effective logon controls that have proven impossible or extremely cumbersome to achieve through native Windows features alone.

Set restrictions by
Group and OU

This saves considerable time and allows IT to set a centralized access control policy across the organization.

Apply
temporary controls

Set for a defined time period. No users are left with access rules beyond their immediate need.

Identify an Initial Access Point from a nested session

Authorize access based on whether a session is a new point of entry or from an existing session.

Limit or prevent
concurrent sessions

Restrict a user account to access only one computer/device at a time.

Force logoff outside of authorized timeframes

Disconnect a user when they are logged on at the console.

Send previous logon notifications

Inform users of previous connection events involving their credential.

Warn users of suspicious credential use

Alert users in real-time to access events (successful or not) involving their account credentials.

Now Available in UserLock 11.2

Get the New, Intuitive UserLock Web App

Monitor and respond to network sessions quickly, easily, and from anywhere with the all new UserLock Web App.

Discover

New UserLock Web App

Logon Controls FOR REGULATORY COMPLIANCE

Controlling system access, verifying employees' claimed identity, restricting users from sharing logins and preventing simultaneous logins are all key elements required for compliance with major industry regulations. Learn how UserLock can help organizations address these requirements and get compliant:

GDPR

Address GDPR compliance
to keep personal data safe

HIPAA

Address HIPAA compliance
to keep patient data safe

PCI DSS

Address PCI DSS compliance to keep sensitive cardholder data safe

Sarbanes Oxley’s (SOX)

Comply with Sarbanes Oxley’s (SOX) security regulations

ISO 27001

Address network and information access for ISO 27001 compliance

NIST 800-53

Address NIST 800-53 and NIST 800-171 compliance to keep federal data safe

UserLock

Request a personalized demo now

Discover how UserLock can help you meet your needs.

Demo

Secure Active Directory Credentials with Multi-Factor Authentication (MFA)

Read More

Download UserLock

The trial version offers:

  • 30-day full version
  • no user limits
  • free technical support

Supported systems

Release Date : 2/16/2023
Version : UserLock 11.2.2
What's new in this version ?

Please read the Beta Testing Procedure before installing this version.

The beta version includes:

  • 30-day full version
  • no user limits
  • free technical support

Release Date : 3/13/2023
Version : UserLock 12 beta
What's new in this version ?

Supported systems