UserLock

UserLock limits concurrent logins, restricts access, monitors, alerts and reports on session activity throughout the corporate Windows network.

UserLock is an user login security for Windows Active Directory. It works alongside Active Directory to protect access to Windows systems. With specific and customisable user login rules and real-time monitoring, UserLock reduces the risk of external attacks and internal security breaches while helping to address regulatory compliance.

Key Features:

• Control and Protect: With UserLock, IT can set and enforce a controlled user access policy that will automatically permit or deny user logins. Based on multiple criteria that support an organisations policies UserLock can control user access to protect a Windows Active Directory network and all of the data contained within.
  
• Restrict AD Logon by session type: Access restrictions take into consideration different session types (including Wi-Fi, VPN and IIS sessions) to meet the demands of a remote and mobile workforce. Help control a wireless network, secure BYOD environments and control access to email off-premises.
  
• Limit Concurrent Logins: The ability to prevent or limit concurrent or multiple logins, averts one of the most potentially dangerous situations for a Windows Active Directory network. UserLock controls concurrent sessions and sets limitations in a granular way according to user, user groups, organisational units and session types.
  
• Restrict Active Directory User Logon by Workstation, Device or IP Address: Control, restrict and enforce where users may logon. Restrict users to workstation or device, IP range, department, floor or building. Go beyond native Windows controls and centrally restrict for an entire group.
  
• Restrict & Enforce User Logon Time: Control the hours and days when protected users can logon onto the network. Define working hours and/or maximum session time. Go beyond native Windows controls and restrict user logon hours by group and force logoff when time restrictions expire.
  
• Monitor User Logon and Logoff: UserLock continuously monitors all login and session events, automatically blocking all inappropriate or suspicious sessions. This real-time monitoring of user activity lets you know the number of concurrent logins, who is connected from which workstation/device and since when.
  
• Alert and Respond To Active Directory Logon Events: Receive alerts and instantly take appropriate security measures to alleviate IT security threats coming from suspicious or disruptive logon events. UserLock empowers IT teams with this response capability.
  
• Audit Logon Events & Reporting: Report and Audit on all Windows and Active Directory access events. UserLock centralises and archives all access events occurring on your Windows systems offering detailed insights to support IT Forensics.
  
• Privileged user monitoring & auditing: Settings, logs and policy rules can be secured for all UserLocks privileged users. Protect against bad or careless behavior by those who have administration rights and answer the needs for major regulatory compliance.
  

UserLock - Features

UserLock secures access to Windows networks by restricting simultaneous sessions, by limiting user access to the network and by providing administrators with remote session control, alert options and advanced reporting for session analysis.

UserLock Features

Simultaneous session prevention/restriction

UserLock allows simultaneous logon (same ID, same password) limitation or prohibition, per user or user group.

A limit can also be set for the total number of sessions of all members of a group. This for example useful if each department of an organization is only allowed to open a limited number of terminal sessions on servers in order to fairly share resources.

Workstation(s) restriction

UserLock allows user or user group’s network access restriction per workstation or IP range. By doing this, users can be limited to their own workstation, department, floor, building…

Time restriction

UserLock allows defining working hours and/or maximum session time for protected users. Outside of this (these) timeframe(s) and/or when time is up, users will be disconnected with prior warning.

Alerts and notifications

UserLock can send popup or email alerts to the network administrators for specific events per user or group (denied logons, successful logons, logoffs…).

Remote session management

An administrator can remotely lock, unlock, logoff and reset all sessions, either from the administration console or the Web interface.

Tailor-made User Notification

UserLock allows notifying all users prior to gaining access to a system with a tailor-made warning message (NISPOM Chapter 8 and DCID 6/3 requirement). Users can for example be advised that system usage is monitored, recorded, and subject to audit, and that unauthorized use is prohibited and subject to criminal and civil penalties.

They can also be provided with the following information:

• last workstation logged on
• date and time of last successful logon
• history of all logons denied by UserLock and Windows since last successful logon
• number of logons denied by UserLock and Windows since last successful logon

This is one of the most effective ways to detect people impersonating other user accounts.

End-user assistance

Network administrators can enable:

• an option allowing users to remotely disconnect their previous session as they logon to another computer. This will avoid users from having to go back to the previous computer.
• a public Web interface to display system usage (per session status) in real time, allowing users to easily find an available computer; the interface can for example display systems available in a room (depending on computer naming convention), ideal for organizations with free access computers.

Connectivity surveillance and monitoring

UserLock allows real time session surveillance and monitoring; at all times the administrator knows who is connected, from what workstation(s), since when…

Analysis and reporting

UserLock records all session logging and locking events in an ODBC database (Access, SQL server, Oracle…) for future reference.

Reports can automatically be generated at regular intervals, in order to update an Intranet Web site, or being sent by Email (using third party software)

UserLock provides 4 predefined reports:

• Session history: Comprehensive session list (logon, lock, unlock, logoff instances, users, domains, workstations…)
• Session Statistics: Displays for a given user and period, total sessions, total connection time, average time per session, per worked day or per week.
• Agent Distribution: View of the agent installation status on all computers of the protected network zone.
• User sessions: Instantaneous view of all user session at display time.
• Dashboard: Printable version of Dashboard

Flexibility, ease of use and security

• Centralized administration
  UserLock’s administration console gives access to all options and screens, and is very simple of use; the console works as a Windows service (can be installed on a desktop).
• Delegated administration
  Certain users can be given the ability to view and manage sessions without having access to more critical UserLock settings such as protected accounts configuration, agent distribution …
• Management via Web interface
  Remote session management is possible from any computer connected to internet.
• Pin-pointed protection
  UserLock allows protection for a single domain, several domains (with domain approbations) or only one of an Active Directory’s Organizational Units (OU).
• Terminal session management and 64x systems
  UserLock supports terminal sessions (Microsoft Terminal Server and Citrix Metaframe) as well as 64bit systems
• RAS session management NEW
  UserLock can protect RAS sessions on a RRAS server or on a hardware router with RADIUS authentication on a IAS server.
• Easy setup
  UserLock installs in minutes on a standard Windows server (NT4 SP4/2000/2003), a micro-agent is automatically deployed on selected workstations.
• Backup
  It is possible to install a UserLock backup server to guarantee protection even if the primary UserLock server crashes.

UserLock functionality

UserLock significantly reinforces Windows infrastructures security by giving network administrators the ability to:

• implement and enforce efficient restriction and access policies for Windows 2000/XP/2003/Vista/2008/Seven networks (LAN and WAN)
• be alerted when specific events occur (accepted logins, denied logins) by user or user group
• remotely log off or lock a user session
• monitor in real time all connectivity on the network
• automatically log activity and generate precise session reports and statistics

You will be able to:

• limit the amount of simultaneous sessions (same ID, same password) per user or per user group
• limit user access to the network per computer or computer range (department, room, floor, building)
• enforce logon time restrictions on a group-by-group basis
• know at any time what user(s) is/are connected, on what workstation(s), since when

How does UserLock work?

UserLock is very simple to use and doesnt require any prior training.

Only a few minutes are necessary to get UserLock running and securing access to your network:

• Install UserLock on a Windows server (neednt be the domain controller) and select the zone you wish to protect (all trusted domains, one domain or an organizational unit) using the setup assistant.
• Deploy the UserLock agent (100 KB dll) to a selection of workstations from the administration console.
• Define for each user or user group the total amount of simultaneous sessions allowed.
• Define for each user or user group the workstation(s) from which they can login.
• Define logon time restrictions on a group-by-group basis.

Full list of features for Version 5.0.

Back to top

UserLock - System Requirements

System Requirements

For UserLock server

• Windows 2008 Server R2
• Windows 2008 Server
• Windows 2003 Server
• Windows 2000 Server

For UserLock console

• Windows 7
• Windows 2008
• Windows Vista
• Windows XP
• Windows 2003
• Windows 2000

For workstations to protect

• Windows 7
• Windows Vista
• Windows XP
• Windows 2000

For Terminal Servers to protect

• Windows 2008 Server R2
• Windows 2008 Server
• W2008 RemoteApp
• Windows 2003 Server
• Windows 2000 Server
• Citrix Metaframe XP
• Citrix Presentation Server 4
• Citrix XenApp