User Logon Security for Windows Active Directory
Powerful protection for all Windows Active Directory domain logins, even when credentials are compromised. UserLock helps administrators to manage and secure access for every user, without obstructing employees or frustrating IT.
Control and Protect
With UserLock, IT can set and enforce a controlled user access policy that will automatically permit or deny user logins. Based on multiple criteria that support an organization’s policies UserLock can control user access to protect a Windows Active Directory network and all of the data contained within.
Restrict AD Logon by session type
Access restrictions take into consideration different session types (including Wi-Fi, VPN and IIS sessions) to meet the demands of a remote and mobile workforce. Help control a wireless network, secure BYOD environments and control access to email off-premises.
Limit Active Directory concurrent logins across a Windows server based network
The ability to prevent or limit concurrent or multiple logins, averts one of the most potentially dangerous situations for a Windows Active Directory network. UserLock controls concurrent sessions and sets limitations in a granular way according to user, user groups, organizational units and session types.
Restrict Active Directory User Logon by Workstation, Device or IP Address
Control, restrict and enforce where users may logon. Restrict users to workstation or device, IP range, department, floor or building. Go beyond native Windows controls and centrally restrict for an entire group.
Restrict Active Directory User Logon Hours
Control the hours and days when protected users can logon onto the network. Define working hours and/or maximum session time. Go beyond native Windows controls and restrict user logon hours by group and force logoff when time restrictions expire.
Monitor User Logon and Logoff
UserLock continuously monitors all login and session events, automatically blocking all inappropriate or suspicious sessions. This real-time monitoring of user activity lets you know the number of concurrent logins, who is connected from which workstation/device and since when.
Alert and Respond To Active Directory Logon Events
Receive alerts and instantly take appropriate security measures to alleviate IT security threats coming from suspicious or disruptive logon events. UserLock empowers IT teams with this response capability.
Audit Logon Events & Reporting
Report and Audit on all Windows and Active Directory access events. UserLock centralizes and archives all access events occurring on your Windows systems offering detailed insights to support IT Forensics.
Privileged user monitoring & auditing
Settings, logs and policy rules can be secured for all UserLock’s privileged users. Protect against bad or careless behavior by those who have administration rights and answer the needs for major regulatory compliance.
Reduce the attack surface of your Windows Network Infrastructure
Logins are the first line of defense in controlling and securing Windows network access. In order to reduce the attack surface of a Windows-based IT infrastructure, access to a network must be set, controlled and enforced. UserLock enables the implementation and strict enforcement of a user access control policy. UserLock allows you to Control “When”, “Where” and “How Long” your users access the resources on your network.
Alleviate the threat of shared passwords within an organization
Despite increased education and user security awareness, employees continue to share credentials, as there is no consequence on their own network access. Limiting or preventing concurrent logins decreases the likelihood of users sharing passwords. as it impacts their own ability to access the network. It provides the motivation to adhere to password security policy and help protect the organization’s critical assets. Preventing concurrent logins also makes it impossible for a rogue user to use valid credentials at the same time as their legitimate owner and prevents serious accountability and non-repudiation issues.
Efficiently mitigate insider threat and respond to suspicious or disruptive behavior
Addressing insider threats requires a layered defense strategy, consisting of policies, procedures and technologies. UserLock takes security controls beyond native Windows functionality and helps organizations mitigate insider threat.
-- Secures network access with granular access control
-- Prevents users from sharing credentials to ensure access to critical assets is attributed to individual employees
-- Stops rogue users from using valid credentials at the same time as their legitimate owner
-- Monitoring and alerts on all Windows network sessions in real time to allow IT security teams to immediately respond to suspicious or disruptive behavior, reducing the risk of malicious insider activity
-- Deactivates computer access within seconds to reduce risk from disgruntled employees
-- Tracks and reports on all Windows and Active Directory sessions to support accurate and detailed IT forensics in the event of any suspected insider activity
-- Warns users with customized messages to increase user security awareness and educate about insider threats
Perform accurate IT forensics in the event of an IT security breach.
UserLock records and reports on every session access event, enabling IT security teams to perform accurate and detailed IT forensics to support internal analysis and legal investigations. If an IT security breach does occur, UserLock will provide accurate, detailed information about who was connected, from which system(s), since what time, for how long, etc.
Enforce compliance with major regulations
UserLock has been recognized in facilitating regulatory or methodological standard conformity, helping to ensure the integrity of the entire information system, and providing data necessary for the development of numerous conformity reports. UserLock provides specific features to identify, search, report and archive user access for compliance with major industry regulations, including HIPAA, NIST 800-53, Sarbanes-Oxley, NISPOM Chapter 8, PCI, Bâle II, ICD 503.
Optimize workstation usage
In a time of budget constraints, investing in additional machines for free access computer rooms is difficult to justify. To increase the number of available resources, UserLock Remote Session Administration allows the network administrator to remotely disconnect sessions left opened or locked. UserLock dashboard also provides visibility of available machines and the amount of time each machine has been used, ensuring fair sharing of computer resources.
Control Wi-Fi sessions for secure BYOD environments
UserLock secures network access across all session types, including Wi-Fi and VPN, and permits an organization to control their wireless networks and secure bring-your-own-devices (BYOD) environments. BYOD is a security concern for many IT departments today. Allowing employee-owned, unsecured user devices access to corporate resources comes with great risk to sensitive data. UserLock allows you to monitor, restrict and record every Wi-Fi and VPN session, helping organizations control BYOD risk.
Enforce IT security policies
UserLock supports IT’s effort to communicate consistent and clear security policies and controls through its notification system. Messages about legal and contractual implications discourage employees from committing cybercrime or lashing out at the organization for a perceived injustice. By preventing concurrent logins, organizations have clearly communicated rules of accountability, can ensure that access to critical assets is attributed to individual employees, and are able to enforce policies and procedures consistently to address violations that do occur.
UserLock's licensing scheme is per maximum simultaneous sessions on your network. This usually amounts to the total workstations. A license is also required per terminal session (Terminal Server, Citrix, …), Wi-Fi session, VPN session, IIS session and/or virtual machine, if any. UserLock will not protect sessions exceeding the license count. Pricing includes maintenance (minor and major releases and technical support) for the first year. Annual renewals are based on 20% of the licence cost. Discount plans are also available for non-profit and educational organizations.