Search icon
IS Decisions

Userlock 8.5

Monitoring User Logon across the Windows Server Network

UserLock offers a real-time approach to continuous access monitoring.  To help further verify all users’ identity a risk indicator allows administrators to evaluate and detect suspicious access behavior at a glance.

Real-Time Monitoring Of Users Logon/Logoff Activity

Real-Time monitoring provides IT teams with unique features to easily track, report and alert on all user logon activity.

It lets you know the number of concurrent logins, who is connected from which workstation/device and since when.  It offers the visibility into what specific users are doing and the ability to take appropriate security measures to alleviate IT security threats.

With UserLock you can monitor user sessions by either user or computer.

Get information by user

User details

View the display name, the user account, the organisational unit, etc.

Opened sessions

View all the sessions status opened by a user, from where he has logged on, since when, etc.

Last logoff

View the last workstation on which the user logged off and the time of the last logoff

Get information by machine

Machine details

View the computer name, the client IP, the organisational unit, etc.

Opened sessions

Get the list of all users with a session on this computer.

Computer localisation

Get the building and the room of the computer (if a localisation is enabled)

Detect And Evaluate User’s Suspicious Logon Behavior

UserLock 8.0 now offers administrators more intelligent threat detection.  The real time monitoring incorporates a risk indicator, identifying suspicious network access behavior at a glance.

User Status

The new User Status feature evolves according to the user’s actions when accessing or attempting to access the network.  Correlating each user’s logon events with their customised access controls, it delivers a complete view of an organisation’s network activity and risks, allowing administrators to focus on activity deemed to be of risk or high risk.

For example; a large number of concurrent sessions, users with many denied logon attempts, user accounts that are not protected by UserLock and subject to control policies, etc…

Email alerts

Email alerts can also be defined to warn on user status change and a history of the user status changes is also kept for auditing and reporting.

The different settings that trigger status changes can be adapted through the UserLock Server Properties and Alert Notifications.