SlideShare una empresa de Scribd logo

UserLock 9 Technical Presentation

IS Decisions
IS Decisions

UserLock works alongside Active Directory to better protect access to Windows systems. With specific and customizable user login rules and real-time monitoring, UserLock reduces the risk of external attacks and internal security breaches while helping to address regulatory compliance. UserLock is a client server application capable of auditing and controlling different types of user access connections. How UserLock works: The user enters their credentials to log on or to establish a connection to the domain network. These credentials are verified and validated against Active Directory. If the authentication process fails, the connection will be refused by Windows and UserLock does not intervene. The agent will however notify the UserLock server about this logon failure. If the authentication is successful, the UserLock agent will transmit to the UserLock server all information about the context of the connection requested. The UserLock server will then process and analyze the data transmitted by the agent to check access control rules, trigger any alerts, refresh session information and save the user connection event in the database. The server then communicates its decision to the agent regarding the acceptance or refusal of the connection requested. Audited data. UserLock records and reports on every session access event: On a connection event of a domain user to the network, the UserLock agent transmits to the server a set of data. This set includes information on connection event type, connection type requested, the user and the source. This information is retrieved by the agent itself when the connection event is submitted by the user, and sent encrypted to the UserLock server, which determines the time of the connection request and saves all in its database. Thus all user connection information performed on agent hosts are collected and stored centrally. The exploitation of real-time audited data. All data audited at the moment of attempted connection is analyzed to verify if the user requesting the connection is subject to access control rules. Transparent to the user, these context aware access controls help verify authenticated users' claimed identity to protect against unauthorized access and compromised credentials. Real Time alert notifications. The user rules also include alert notifications for defined connection events. Two types of alerts can be defined, pop-up and email messages.

Tecnología
1 de 35
Descargar para leer sin conexión
UserLock® User logon security for Windows Active Directory
“UserLock works alongside Active Directory to better protect access to Windows systems. With specific and customizable user login rules and real-time monitoring, UserLock reduces the risk of external attacks and internal security breaches while helping to address regulatory compliance.”
PROTECT, DETECT AND REACT TO ALL USER’S ACCESS TO MICROSOFT WINDOWS SERVER-BASED NETWORKS User Logon Security for Windows Active Directory 1 2 3 GUARD AGAINST UNAUTHORIZED ACCESS USING COMPROMISED CREDENTIALS THAT ARISE FROM EXTERNAL ATTACKS ELIMINATE THE RISKS FROM POOR USER SECURITY BEHAVIOUR (PASSWORD SHARING, UNATTENDED WORKSTATIONS…) VERIFY AUTHENTICATED USERS’ CLAIMED IDENTITY AND ATTRIBUTE ALL ACTIONS TO AN INDIVIDUAL USER TO DISCOURAGE MALICIOUS ACTIVITY 4 REDUCE THE NUMBER OF INCIDENTS OF NON-COMPLIANCE. USERLOCK SUPPORTS MANY REGULATORY REQUIREMENTS OF PCI DSS, HIPAA, ISO27001… UserLock offers stronger security for Windows user logins, without impeding end users or frustrating IT teams. Harden your defence against unauthorized network access and compromised credentials. ACCESS CONTROL AND PROTECTION Set and enforce non-intrusive, context-aware access controls that define network access conditions for all Windows users. DETECTION AND RESPONSE Real-time monitoring and risk detection tools immediately alert you to suspicious logon activity so you can take action quickly – crucially before that activity becomes a serious problem. USER SECURITY EDUCATION Guide and disseminate good end-user security behaviour through alerts and notifications on users own trusted access ‘in situ’, to help users avoid careless mistakes and discourage malicious actions.
USERLOCK WORKS ALONGSIDE ACTIVE DIRECTORY IN A MICROSOFT WINDOWS ENVIRONMENT UserLock is a client server application capable of auditing and controlling different types of user access connections NON-DISTRUPTIVE TECHNOLOGY No modifications are made to Active Directory or its schema. UserLock works alongside Active Directory to extend not replace its security. FAST AGENT DEPLOYMENT A micro agent is deployed automatically (or manually) on all machines. Once installed all access connections are detected and saved in the UserLock database. FAST IMPLEMENTATION Hosted on any server member of the domain. Managed remotely on workstations or through a web console anywhere on the network (mobile, tablet) ALL SESSION TYPES UserLock offers several agent types according to the types of session it has to monitor, workstation, terminal, Wi-Fi & VPN and IIS
GENERAL PROCESS DESCRIPTION How UserLock Works The user enters their credentials to log on or to establish a connection to the domain network. These credentials are verified and validated against Active Directory. If the authentication process fails, the connection will be refused by Windows and UserLock does not intervene. The agent will however notify the UserLock server about this logon failure. Different agents are available depending on the connection type to be audited and the technology used to configure these connections. The general process is the same regardless of the agent type.
GENERAL PROCESS DESCRIPTION How UserLock Works If the authentication is successful, the UserLock agent will transmit to the UserLock server all information about the context of the connection requested. The UserLock server will then process and analyze the data transmitted by the agent to check access control rules, trigger any alerts, refresh session information and save the user connection event in the database. The server then communicates its decision to the agent regarding the acceptance or refusal of the connection requested.
USERLOCK RECORDS AND REPORTS ON EVERY SESSION ACCESS EVENT Audited Data On a connection event of a domain user to the network, the UserLock agent transmits to the server a set of data. This set includes information on: Logon, reconnection, disconnection, logoff, lock, unlock. Connection event type Workstation, terminal, Wi-Fi, VPN, IIS. Connection type requested Domain, username. The user Machine or device name, IP address. The source This information is retrieved by the agent itself when the connection event is submitted by the user, and sent encrypted to the UserLock server, which determines the time of the connection request and saves all in its database. Thus all user connection information performed on agent hosts are collected and stored centrally.
THE EXPLOITATION OF REAL-TIME AUDITED DATA
SET AND ENFORCE NETWORK ACCESS CONDITIONS FOR ALL WINDOWS USERS’ WITHOUT FRUSTRATING OR IMPEDING END USERS User Access Control – Permanent and temporary rules Transparent to the user, these controls help verify authenticated users’ claimed identity to protect against unauthorized access and compromised credentials. Context-aware access control • Number of simultaneous initial access points • The type of connection: workstation, terminal, IIS, Wi-Fi and VPN • The total number of concurrent connections and by type of connection • The origin of the connection • The time of the connection • The connection time quota and by requested type of connection All data audited at the moment of attempted connection is analyzed to verify if the user requesting the connection is subject to access control rules. Defined for a user account, a user group and/or an organizational unit of users, the rules allow or deny a connection requested by a domain user account. UserLock then transmits this decision to the agent of the relevant system.
DIFFERENTIATE IN REAL TIME AN INITIAL ACCESS POINT FROM A NESTED SESSION Initial Access Points UserLock can analyze what the sequence is of a user’s connections to determine whether a session is a new point of entry to the network or a connection performed from an existing session. A new point of entry is considered as the initial access point for the user initiating the connection.
RESTRICTIONS TO VERIFY AN AUTHENTICATED USERS’ IDENTITY Initial Access Points Limiting the number of initial access points to one will ensure that the user won't be able to open a session from a second location. If you don't limit the number of concurrent sessions allowed, the user will be able to open as many sessions as they want, but only if they are children/nested sessions of the same initial access point. The results are displayed in real time in UserLock with icons that tag sessions to differentiate an initial access point from a nested session.
MANAGE AND RESTRICT SIMULTANEOUS CONNECTIONS Concurrent Sessions The limit of concurrent sessions allowed can be used in association with the limit of initial access points to define how many and which types of session (workstation, terminal, Wi-Fi/VPN and IIS) a user can open from the same initial access point. In the example where workstations are limited to 1, if a user tries to open a second session while the previous is open, their logon will be denied. If the number of initial access points allowed is not configured, the number of permitted concurrent sessions will still be effective.
MANAGE AND RESTRICT ACCESS BY LOCATION Control Access by Origin Define and manage the workstations/terminals, IP range and session type from which a user, group or organizational unit may log on. For example, to restrict a user to connect only from a specific machine. Within UserLock you can query Active Directory to check and select named workstations, users, groups or organizational units.
MANAGE AND RESTRICT CONNECTION HOURS Control Access by Time The 'Hour restrictions' section allows you to define, by session type, periods of time during which users can or cannot logon to the network. For example, to prevent access connections outside certain hours. When the authorized time frame has expired, a warning notification can be displayed to users before automatically initiating a forced session logoff or session lock. You can also choose to apply the time restrictions according to the machine’s local time zone.
MANAGE AND RESTRICT CONNECTION HOURS Control by Time Quota A connection time quota can be assigned to determine the maximum period of time connected to the network during a recurring period (day,week, month… ) for specified session types. The ‘consumed time’ per user can be displayed and managed from the UserLock console.
MANAGE AND RESTRICT UNATTENDED WORKSTATIONS Automatic Logoff for Idle Sessions UserLock can automatically log off sessions after a specific idle time. Every session of the user account is closed after a chosen idle time period. It can be defined by user, group and Organizational Unit.
A ‘SINGLE ACTIVE SESSION’ OFFERS FLEXIBILITY FOR THE USER Additional Options By distinguishing between an active session and a locked session, UserLock can: • Allow users to log off an existing session remotely if the number of allowed sessions has already been reached. • Allow only one unlocked interactive session at a time. Any other session will be automatically locked or disconnected by UserLock.
IMMEDIATE RESPONSE TO ALERT ON OR AUTOMATICALLY BLOCK SUSPICIOUS LOGON EVENTS Connection Alerts for IT Administrators The user rules also include alert notifications for defined connection events. Two types of alerts can be defined: pop-up messages and email messages Real-Time Alert Notifications The data audited during the connection, whatever the decision taken (authorized, refused or failed), are analyzed and compared against the criteria of alert triggers — defined for the user requesting the connection. These alerts are triggered to inform the predefined recipients for the following connection events: logon, logoff, lock, unlock, disconnect, reconnect, logon denied by Windows and logon denied by UserLock. For example alerts can be set for failed logon attempts, attempts to log on to default accounts, logon activity during non-working hours…
ALERTS TO POTENTIAL COMPROMISED OR STOLEN CREDENTIALS Connection Alerts for End Users An option allows a pop-up message to be displayed for every session of a user when their credentials are used from another machine or used to open another connection. Warnings (real-time) direct to the user The audited data collected at connection attempts also allows the user to be alerted every time their credentials are used on the network. This alert message indicates the source of the connection, the type of the connection, the time and their status (accepted or denied). The user is then invited to report this event to their IT team if they are not responsible for the requested connection, and to change their password if potentially compromised. A UserLock administrator can customize this alert message and choose which connection events will trigger it.
BETTER IDENTIFY SUSPICIOUS OR INAPPROPRIATE ACCESS BEHAVIOR A Risk Indicator on User Access for IT Administrators By correlating each user’s access events with their customized access controls, each user’s ‘risk status’ evolves according to the user’s actions when accessing or attempting to access the network. Risk status & real-time alerts Six statuses are available to highlight activity that could help detect anomalies in user connection. Activity deemed as risk or high risk are clearly flagged in the console. Alerts can also be sent to administrators on a changing risk status. Threshold triggers on what is considered as risk can also be adapted to suit an organizations own needs. The ‘risk status’ is information and does not result in blocking or denying a user connection — the goal is to highlight risk situation to allow administrators to respond appropriately.
A USER IS CONSIDERED TO HAVE A POTENTIALLY HIGH-RISK BEHAVIOR WHEN: High-Risk Status 1 2 3 THE NUMBER OF SESSIONS OPEN IS OVER THE LIMIT DEFINED FOR THEIR ACCOUNT FREQUENCY OF FAILED LOGONS BY USERLOCK OR/AND WINDOWS IS OVER THE FREQUENCY TOLERATED THE NUMBER OF INITIAL ACCESS POINTS OPEN IS OVER THE LIMIT DEFINED FOR THEIR ACCOUNT 4 TWO SIMULTANEOUS INITIAL ACCESS POINTS ARE DETECTED FROM INSIDE AND OUTSIDE THE LOCAL NETWORK
FREQUENCY OF FAILED LOGONS High-Risk Status 1 2 3 THE NUMBER OF SESSIONS OPEN IS OVER THE LIMIT DEFINED FOR THEIR ACCOUNT FREQUENCY OF FAILED LOGONS BY USERLOCK OR/AND WINDOWS IS OVER THE FREQUENCT TOLERATED THE NUMBER OF INITIAL ACCESS POINTS OPEN IS OVER THE LIMIT DEFINED FOR THEIR ACCOUNT 4 TWO SIMULTANEOUS INITIAL ACCESS POINTS ARE DETECTED FROM INSIDE AND OUTSIDE THE LOCAL NETWORK The repetition of connection failures over a period of time may be a sign of identity theft attempts or connections attempts from disapproved resources for the user. UserLock agents inform the server about every denied logon from Windows and the associated reason (invalid password, account locked, account disabled, Active Directory policies, etc.) UserLock also saves all denied logon due to UserLock policies and the detailed reason (simultaneous limit, unauthorized machines, forbidden time ranges, etc.). This information is not only saved in the database but also stored in memory within the UserLock service to allow an iterative analysis. It is therefore possible to set a threshold of tolerance for logons denied by Windows or by UserLock beyond which the user status will be switched to high-risk.
DETECT SIMULTANEOUS INITIAL ACCESS POINTS FROM INSIDE AND OUTSIDE THE LOCAL NETWORK High-Risk Status 1 2 3 THE NUMBER OF SESSIONS OPEN IS OVER THE LIMIT DEFINED FOR THEIR ACCOUNT FREQUENCY OF FAILED LOGONS BY USERLOCK OR/AND WINDOWS IS OVER THE FREQUENCT TOLERATED THE NUMBER OF INITIAL ACCESS POINTS OPEN IS OVER THE LIMIT DEFINED FOR THEIR ACCOUNT 4 TWO SIMULTANEOUS INITIAL ACCESS POINTS ARE DETECTED FROM INSIDE AND OUTSIDE THE LOCAL NETWORK Example of a user opening a workstation session in the local network while a VPN connection is open from outside.
A USER IS CONSIDERED TO HAVE A POTENTIALLY RISKY BEHAVIOR WHEN: Risk Status 1 2 3 CONNECTION ATTEMPT BLOCKED DUE TO THE ACTIVE DIRECTORY ACCOUNT STATUS USERS OPENING A NEW SESSION FROM AN EXISTING SESSION WITH DIFFERENT CREDENTIALS THE NUMBER OF SESSIONS OPEN BY SESSION TYPE IS OVER THE ADJUSTABLE THRESHOLDS 4 THE NUMBER OF INITIAL ACCESS POINTS OPEN IS OVER THE ADJUSTABLE THRESHOLD
A USER OPENING A NEW SESSION FROM AN EXISTING SESSION WITH DIFFERENT CREDENTIALS Risk Status 1 2 3 CONNECTION ATTEMPT BLOCKED DUE TO THE ACTIVE DIRECTORY ACCOUNT STATUS BEING LOCKED OR DISABLED USERS OPENING A NEW SESSION FROM AN EXISTING SESSION WITH DIFFERENT CREDENTIALS THE NUMBER OF SESSIONS OPEN BY SESSION TYPE IS OVER THE ADJUSTABLE THRESHOLDS 4 THE NUMBER OF INITIAL ACCESS POINTS OPEN IS OVER THE ADJUSTABLE THRESHOLD UserLock can analyze users’ new connections to detect if this is a new point of entry in the network or a connection performed from an existing session, and in this last case, it can compare the credential used. If the credential used to open a child/nested session is different, UserLock is able to switch the user status to the risk level. Example of a user opening a terminal session from a workstation session with valid but different credentials.
HIGHLIGHT USERS BEYOND CUSTOMIZED THRESHOLDS WITHOUT BLOCKING THEIR CONNECTIONS Risk Status 1 2 3 CONNECTION ATTEMPT BLOCKED DUE TO THE ACTIVE DIRECTORY ACCOUNT STATUS USERS OPENING A NEW SESSION FROM AN EXISTING SESSION WITH DIFFERENT CREDENTIALS THE NUMBER OF SESSIONS OPEN BY SESSION TYPE IS OVER THE ADJUSTABLE THRESHOLDS 4 THE NUMBER OF INITIAL ACCESS POINTS OPEN IS OVER THE ADJUSTABLE THRESHOLD Administrators can use the status ‘Risk’ to highlight users with a number of connections that they deem as abnormal. The goal is to detect easily within the console users having a large number of connections and send an alert if necessary — but without blocking users’ access requests. These threshold values are configurable for one or several types of audited connections.
INFORM ADMINISTRATORS OF OTHER USER CONNECTION ACTIVITY Other Indicative Status
SCHEDULE AND VIEW REPORTS DIRECTLY FROM THE CONSOLE, SEND TO SPECIFIED MAILBOXES AND PRINT AND EXPORT IN SEVERAL FILE FORMATS Reporting and Auditing on all Logon and Logoff Activity All user connection information transmitted by the agent are audited and saved centrally in a database. Information stored can be used to generate predefined reports directly from the console. Centralizing & Archiving all Events Session history: The detailed list of every connection (logon, lock, unlock, disconnection, logoff, users, machines, domains, etc.) available for all session types. User status history: The list of status changes for every user and the reasons. Session statistics: The total number of sessions, the total time and average time per session for a user on a defined period. Session count evolution: Changes in the number of all the interactive sessions open on the network. Two additional reports for Wi-Fi/VPN sessions: History and statistics with additional relevant filters. The ability to view raw data tabled from the database. A tool view allowing you to submit an SQL query from the console itself.
REACT IN REAL TIME TO A SPECIFIC SITUATION
AN IMMEDIATE RESPONSE CAN HELP REDUCE THE RISK OF SECURITY BREACHES Interact Remotely —with all sessions, open or locked React from the UserLock console from any device (smartphone, tablet or computer). Simply selecting on one or several sessions in the UserLock console allows you to launch the following actions on the following session types: Remote response • ‘Workstation’ sessions: Logoff the session, lock the session, send a pop-up message, run a computer command. • ‘Terminal’ sessions: Logoff the session, lock the session, send a pop-up message, run a computer command. • ‘IIS’ sessions: Logoff the session, run a computer command.
Immediately Block a User For any specific user you can block all logon attempts and close all existing sessions remotely, to react quickly to compromised or suspected compromised credentials. Just select the user from the ‘User sessions’ view and launch the command. Until the user is unblocked, all connection attempts will be denied.
LAUNCH PERSONALIZED COMMANDS TARGETING ANY COMPUTERS Computer commands UserLock offers the possibility to launch from the console a predefined computer command or to create your own to run specific jobs or scripts. Actions can include: remote desktop, remote connection to the computer management console, script, event viewer remote connection, etc.).
SECURITY IS AN ITERATIVE PROCESS Adjust user access control rules Access security is not a one-time activity. Restrictions should be evaluated and revised periodically so that improvements can be implemented. User access control rules can be modified at any time for a user or a group, or to create a temporary rule to define an exception for a particular user. All changes are applied in real time and are effective immediately.
DOWNLOAD A FREE FULLY FUNCTIONAL TRIAL NOW WWW.USERLOCK.COM
UserLock 9 Technical Presentation

Recomendados

8 Holes in Windows Login Controls
8 Holes in Windows Login Controls8 Holes in Windows Login Controls
8 Holes in Windows Login ControlsIS Decisions
 
2600 v03 n02 (february 1986)
2600 v03 n02 (february 1986)2600 v03 n02 (february 1986)
2600 v03 n02 (february 1986)Felipe Prado
 
Chained Enforceable Re-authentication Barrier Ensures Really Unbreakable Secu...
Chained Enforceable Re-authentication Barrier Ensures Really Unbreakable Secu...Chained Enforceable Re-authentication Barrier Ensures Really Unbreakable Secu...
Chained Enforceable Re-authentication Barrier Ensures Really Unbreakable Secu...Toshiharu Harada, Ph.D
 
Introduccion a la seguridad Windows 7
Introduccion a la seguridad Windows 7Introduccion a la seguridad Windows 7
Introduccion a la seguridad Windows 7EAE
 
Get Ahead of your Next Security Breach
Get Ahead of your Next Security BreachGet Ahead of your Next Security Breach
Get Ahead of your Next Security BreachAbhishek Sood
 
Cross cloud single sign on (sso) using tokens
Cross cloud single sign on (sso) using tokensCross cloud single sign on (sso) using tokens
Cross cloud single sign on (sso) using tokenseSAT Publishing House
 
Cross cloud single sign on (sso) using tokens
Cross cloud single sign on (sso) using tokensCross cloud single sign on (sso) using tokens
Cross cloud single sign on (sso) using tokenseSAT Journals
 
Ld3420072014
Ld3420072014Ld3420072014
Ld3420072014IJERA Editor
 

Recomendados

8 Holes in Windows Login Controls
8 Holes in Windows Login Controls8 Holes in Windows Login Controls
8 Holes in Windows Login ControlsIS Decisions
 
2600 v03 n02 (february 1986)
2600 v03 n02 (february 1986)2600 v03 n02 (february 1986)
2600 v03 n02 (february 1986)Felipe Prado
 
Chained Enforceable Re-authentication Barrier Ensures Really Unbreakable Secu...
Chained Enforceable Re-authentication Barrier Ensures Really Unbreakable Secu...Chained Enforceable Re-authentication Barrier Ensures Really Unbreakable Secu...
Chained Enforceable Re-authentication Barrier Ensures Really Unbreakable Secu...Toshiharu Harada, Ph.D
 
Introduccion a la seguridad Windows 7
Introduccion a la seguridad Windows 7Introduccion a la seguridad Windows 7
Introduccion a la seguridad Windows 7EAE
 
Get Ahead of your Next Security Breach
Get Ahead of your Next Security BreachGet Ahead of your Next Security Breach
Get Ahead of your Next Security BreachAbhishek Sood
 
Cross cloud single sign on (sso) using tokens
Cross cloud single sign on (sso) using tokensCross cloud single sign on (sso) using tokens
Cross cloud single sign on (sso) using tokenseSAT Publishing House
 
Cross cloud single sign on (sso) using tokens
Cross cloud single sign on (sso) using tokensCross cloud single sign on (sso) using tokens
Cross cloud single sign on (sso) using tokenseSAT Journals
 
Ld3420072014
Ld3420072014Ld3420072014
Ld3420072014IJERA Editor
 
Fighting Spyware With Mandatory Access Control In Microsoft Windows Vista (Di...
Fighting Spyware With Mandatory Access Control In Microsoft Windows Vista (Di...Fighting Spyware With Mandatory Access Control In Microsoft Windows Vista (Di...
Fighting Spyware With Mandatory Access Control In Microsoft Windows Vista (Di...FilGov
 
INTRUSION DETECTION IN MULTITIER WEB APPLICATIONS USING DOUBLEGUARD
INTRUSION DETECTION IN MULTITIER WEB APPLICATIONS USING DOUBLEGUARDINTRUSION DETECTION IN MULTITIER WEB APPLICATIONS USING DOUBLEGUARD
INTRUSION DETECTION IN MULTITIER WEB APPLICATIONS USING DOUBLEGUARDIJCI JOURNAL
 
2-Factor Authentication for PeopleSoft
2-Factor Authentication for PeopleSoft2-Factor Authentication for PeopleSoft
2-Factor Authentication for PeopleSoftHendrix Bodden
 
Website vulnerability to session fixation attacks
Website vulnerability to session fixation attacksWebsite vulnerability to session fixation attacks
Website vulnerability to session fixation attacksAlexander Decker
 
Best practices to secure Windows10 with already included features
Best practices to secure Windows10 with already included featuresBest practices to secure Windows10 with already included features
Best practices to secure Windows10 with already included featuresAlexander Benoit
 
ENHANCED AUTHENTICATION FOR WEB-BASED SECURITY USING KEYSTROKE DYNAMICS
ENHANCED AUTHENTICATION FOR WEB-BASED SECURITY USING KEYSTROKE DYNAMICSENHANCED AUTHENTICATION FOR WEB-BASED SECURITY USING KEYSTROKE DYNAMICS
ENHANCED AUTHENTICATION FOR WEB-BASED SECURITY USING KEYSTROKE DYNAMICSIJNSA Journal
 
Ch02 System Threats and Risks
Ch02 System Threats and RisksCh02 System Threats and Risks
Ch02 System Threats and RisksInformation Technology
 
ADAPTIVE AUTHENTICATION: A CASE STUDY FOR UNIFIED AUTHENTICATION PLATFORM
ADAPTIVE AUTHENTICATION: A CASE STUDY FOR UNIFIED AUTHENTICATION PLATFORM ADAPTIVE AUTHENTICATION: A CASE STUDY FOR UNIFIED AUTHENTICATION PLATFORM
ADAPTIVE AUTHENTICATION: A CASE STUDY FOR UNIFIED AUTHENTICATION PLATFORM csandit
 
Operating system security
Operating system securityOperating system security
Operating system securitySarmad Makhdoom
 
Security & Protection in Operating System
Security & Protection in Operating SystemSecurity & Protection in Operating System
Security & Protection in Operating SystemMeghaj Mallick
 
Windows Security in Operating System
Windows Security in Operating SystemWindows Security in Operating System
Windows Security in Operating SystemMeghaj Mallick
 
Ijarcet vol-2-issue-3-942-946
Ijarcet vol-2-issue-3-942-946Ijarcet vol-2-issue-3-942-946
Ijarcet vol-2-issue-3-942-946Editor IJARCET
 
IT109 Microsoft Windows 7 Operating Systems Unit 07 lesson 10
IT109 Microsoft Windows 7 Operating Systems Unit 07 lesson 10IT109 Microsoft Windows 7 Operating Systems Unit 07 lesson 10
IT109 Microsoft Windows 7 Operating Systems Unit 07 lesson 10blusmurfydot1
 
1738 1742
1738 17421738 1742
1738 1742Editor IJARCET
 
Design for security in operating system
Design for security in operating systemDesign for security in operating system
Design for security in operating systemBhagyashree Barde
 
Super User or Super Threat?
Super User or Super Threat?Super User or Super Threat?
Super User or Super Threat?ObserveIT
 
Authorization
AuthorizationAuthorization
AuthorizationFaraz Qaisrani
 
COMPUTER SECURITY AND OPERATING SYSTEM
COMPUTER SECURITY AND OPERATING SYSTEMCOMPUTER SECURITY AND OPERATING SYSTEM
COMPUTER SECURITY AND OPERATING SYSTEMfaraz hussain
 
Operating systems security 2007 vulnerability report
Operating systems security 2007 vulnerability reportOperating systems security 2007 vulnerability report
Operating systems security 2007 vulnerability reportAjit Gaddam
 
A Multidimensional View of Critical Web Application Security Risks: A Novel '...
A Multidimensional View of Critical Web Application Security Risks: A Novel '...A Multidimensional View of Critical Web Application Security Risks: A Novel '...
A Multidimensional View of Critical Web Application Security Risks: A Novel '...Cognizant
 
UserLock Datasheet
UserLock DatasheetUserLock Datasheet
UserLock DatasheetIS Decisions
 
ARCHITECTURE OF A IDENTITY BASED FIREWALL SYSTEM
ARCHITECTURE OF A IDENTITY BASED FIREWALL SYSTEMARCHITECTURE OF A IDENTITY BASED FIREWALL SYSTEM
ARCHITECTURE OF A IDENTITY BASED FIREWALL SYSTEMIJNSA Journal
 

Más contenido relacionado

La actualidad más candente

Fighting Spyware With Mandatory Access Control In Microsoft Windows Vista (Di...
Fighting Spyware With Mandatory Access Control In Microsoft Windows Vista (Di...Fighting Spyware With Mandatory Access Control In Microsoft Windows Vista (Di...
Fighting Spyware With Mandatory Access Control In Microsoft Windows Vista (Di...FilGov
 
INTRUSION DETECTION IN MULTITIER WEB APPLICATIONS USING DOUBLEGUARD
INTRUSION DETECTION IN MULTITIER WEB APPLICATIONS USING DOUBLEGUARDINTRUSION DETECTION IN MULTITIER WEB APPLICATIONS USING DOUBLEGUARD
INTRUSION DETECTION IN MULTITIER WEB APPLICATIONS USING DOUBLEGUARDIJCI JOURNAL
 
2-Factor Authentication for PeopleSoft
2-Factor Authentication for PeopleSoft2-Factor Authentication for PeopleSoft
2-Factor Authentication for PeopleSoftHendrix Bodden
 
Website vulnerability to session fixation attacks
Website vulnerability to session fixation attacksWebsite vulnerability to session fixation attacks
Website vulnerability to session fixation attacksAlexander Decker
 
Best practices to secure Windows10 with already included features
Best practices to secure Windows10 with already included featuresBest practices to secure Windows10 with already included features
Best practices to secure Windows10 with already included featuresAlexander Benoit
 
ENHANCED AUTHENTICATION FOR WEB-BASED SECURITY USING KEYSTROKE DYNAMICS
ENHANCED AUTHENTICATION FOR WEB-BASED SECURITY USING KEYSTROKE DYNAMICSENHANCED AUTHENTICATION FOR WEB-BASED SECURITY USING KEYSTROKE DYNAMICS
ENHANCED AUTHENTICATION FOR WEB-BASED SECURITY USING KEYSTROKE DYNAMICSIJNSA Journal
 
ADAPTIVE AUTHENTICATION: A CASE STUDY FOR UNIFIED AUTHENTICATION PLATFORM
ADAPTIVE AUTHENTICATION: A CASE STUDY FOR UNIFIED AUTHENTICATION PLATFORM ADAPTIVE AUTHENTICATION: A CASE STUDY FOR UNIFIED AUTHENTICATION PLATFORM
ADAPTIVE AUTHENTICATION: A CASE STUDY FOR UNIFIED AUTHENTICATION PLATFORM csandit
 
Operating system security
Operating system securityOperating system security
Operating system securitySarmad Makhdoom
 
Security & Protection in Operating System
Security & Protection in Operating SystemSecurity & Protection in Operating System
Security & Protection in Operating SystemMeghaj Mallick
 
Windows Security in Operating System
Windows Security in Operating SystemWindows Security in Operating System
Windows Security in Operating SystemMeghaj Mallick
 
Ijarcet vol-2-issue-3-942-946
Ijarcet vol-2-issue-3-942-946Ijarcet vol-2-issue-3-942-946
Ijarcet vol-2-issue-3-942-946Editor IJARCET
 
IT109 Microsoft Windows 7 Operating Systems Unit 07 lesson 10
IT109 Microsoft Windows 7 Operating Systems Unit 07 lesson 10IT109 Microsoft Windows 7 Operating Systems Unit 07 lesson 10
IT109 Microsoft Windows 7 Operating Systems Unit 07 lesson 10blusmurfydot1
 
Design for security in operating system
Design for security in operating systemDesign for security in operating system
Design for security in operating systemBhagyashree Barde
 
Super User or Super Threat?
Super User or Super Threat?Super User or Super Threat?
Super User or Super Threat?ObserveIT
 
COMPUTER SECURITY AND OPERATING SYSTEM
COMPUTER SECURITY AND OPERATING SYSTEMCOMPUTER SECURITY AND OPERATING SYSTEM
COMPUTER SECURITY AND OPERATING SYSTEMfaraz hussain
 
Operating systems security 2007 vulnerability report
Operating systems security 2007 vulnerability reportOperating systems security 2007 vulnerability report
Operating systems security 2007 vulnerability reportAjit Gaddam
 
A Multidimensional View of Critical Web Application Security Risks: A Novel '...
A Multidimensional View of Critical Web Application Security Risks: A Novel '...A Multidimensional View of Critical Web Application Security Risks: A Novel '...
A Multidimensional View of Critical Web Application Security Risks: A Novel '...Cognizant
 

La actualidad más candente (20)

Fighting Spyware With Mandatory Access Control In Microsoft Windows Vista (Di...
Fighting Spyware With Mandatory Access Control In Microsoft Windows Vista (Di...Fighting Spyware With Mandatory Access Control In Microsoft Windows Vista (Di...
Fighting Spyware With Mandatory Access Control In Microsoft Windows Vista (Di...
 
INTRUSION DETECTION IN MULTITIER WEB APPLICATIONS USING DOUBLEGUARD
INTRUSION DETECTION IN MULTITIER WEB APPLICATIONS USING DOUBLEGUARDINTRUSION DETECTION IN MULTITIER WEB APPLICATIONS USING DOUBLEGUARD
INTRUSION DETECTION IN MULTITIER WEB APPLICATIONS USING DOUBLEGUARD
 
2-Factor Authentication for PeopleSoft
2-Factor Authentication for PeopleSoft2-Factor Authentication for PeopleSoft
2-Factor Authentication for PeopleSoft
 
Website vulnerability to session fixation attacks
Website vulnerability to session fixation attacksWebsite vulnerability to session fixation attacks
Website vulnerability to session fixation attacks
 
Best practices to secure Windows10 with already included features
Best practices to secure Windows10 with already included featuresBest practices to secure Windows10 with already included features
Best practices to secure Windows10 with already included features
 
ENHANCED AUTHENTICATION FOR WEB-BASED SECURITY USING KEYSTROKE DYNAMICS
ENHANCED AUTHENTICATION FOR WEB-BASED SECURITY USING KEYSTROKE DYNAMICSENHANCED AUTHENTICATION FOR WEB-BASED SECURITY USING KEYSTROKE DYNAMICS
ENHANCED AUTHENTICATION FOR WEB-BASED SECURITY USING KEYSTROKE DYNAMICS
 
Ch02 System Threats and Risks
Ch02 System Threats and RisksCh02 System Threats and Risks
Ch02 System Threats and Risks
 
ADAPTIVE AUTHENTICATION: A CASE STUDY FOR UNIFIED AUTHENTICATION PLATFORM
ADAPTIVE AUTHENTICATION: A CASE STUDY FOR UNIFIED AUTHENTICATION PLATFORM ADAPTIVE AUTHENTICATION: A CASE STUDY FOR UNIFIED AUTHENTICATION PLATFORM
ADAPTIVE AUTHENTICATION: A CASE STUDY FOR UNIFIED AUTHENTICATION PLATFORM
 
Operating system security
Operating system securityOperating system security
Operating system security
 
Security & Protection in Operating System
Security & Protection in Operating SystemSecurity & Protection in Operating System
Security & Protection in Operating System
 
Windows Security in Operating System
Windows Security in Operating SystemWindows Security in Operating System
Windows Security in Operating System
 
Ijarcet vol-2-issue-3-942-946
Ijarcet vol-2-issue-3-942-946Ijarcet vol-2-issue-3-942-946
Ijarcet vol-2-issue-3-942-946
 
IT109 Microsoft Windows 7 Operating Systems Unit 07 lesson 10
IT109 Microsoft Windows 7 Operating Systems Unit 07 lesson 10IT109 Microsoft Windows 7 Operating Systems Unit 07 lesson 10
IT109 Microsoft Windows 7 Operating Systems Unit 07 lesson 10
 
1738 1742
1738 17421738 1742
1738 1742
 
Design for security in operating system
Design for security in operating systemDesign for security in operating system
Design for security in operating system
 
Super User or Super Threat?
Super User or Super Threat?Super User or Super Threat?
Super User or Super Threat?
 
Authorization
AuthorizationAuthorization
Authorization
 
COMPUTER SECURITY AND OPERATING SYSTEM
COMPUTER SECURITY AND OPERATING SYSTEMCOMPUTER SECURITY AND OPERATING SYSTEM
COMPUTER SECURITY AND OPERATING SYSTEM
 
Operating systems security 2007 vulnerability report
Operating systems security 2007 vulnerability reportOperating systems security 2007 vulnerability report
Operating systems security 2007 vulnerability report
 
A Multidimensional View of Critical Web Application Security Risks: A Novel '...
A Multidimensional View of Critical Web Application Security Risks: A Novel '...A Multidimensional View of Critical Web Application Security Risks: A Novel '...
A Multidimensional View of Critical Web Application Security Risks: A Novel '...
 

Similar a UserLock 9 Technical Presentation

UserLock Datasheet
UserLock DatasheetUserLock Datasheet
UserLock DatasheetIS Decisions
 
ARCHITECTURE OF A IDENTITY BASED FIREWALL SYSTEM
ARCHITECTURE OF A IDENTITY BASED FIREWALL SYSTEMARCHITECTURE OF A IDENTITY BASED FIREWALL SYSTEM
ARCHITECTURE OF A IDENTITY BASED FIREWALL SYSTEMIJNSA Journal
 
Stop the Evil, Protect the Endpoint
Stop the Evil, Protect the EndpointStop the Evil, Protect the Endpoint
Stop the Evil, Protect the EndpointBeyondTrust
 
Windows Network Access Control for Government Traffic Department
Windows Network Access Control for Government Traffic DepartmentWindows Network Access Control for Government Traffic Department
Windows Network Access Control for Government Traffic DepartmentIS Decisions
 
Solvit identity is the new perimeter
Solvit identity is the new perimeterSolvit identity is the new perimeter
Solvit identity is the new perimeterS.E. CTS CERT-GOV-MD
 
It securepro 10 nov 2010
It securepro 10 nov 2010It securepro 10 nov 2010
It securepro 10 nov 2010Agora Group
 
Datasheet over privileged_users
Datasheet over privileged_usersDatasheet over privileged_users
Datasheet over privileged_usersCristian Garcia G.
 
3 windowssecurity
3 windowssecurity3 windowssecurity
3 windowssecurityricharddxd
 
Webhawk as-software
Webhawk as-softwareWebhawk as-software
Webhawk as-softwareDivyanisetia
 
VTScada 11 - SCADA Application Security
VTScada 11 - SCADA Application SecurityVTScada 11 - SCADA Application Security
VTScada 11 - SCADA Application SecurityTrihedral
 
Security Breaches from Compromised User Logins
Security Breaches from Compromised User LoginsSecurity Breaches from Compromised User Logins
Security Breaches from Compromised User LoginsIS Decisions
 
Remote Access Policy Is A Normal Thing
Remote Access Policy Is A Normal ThingRemote Access Policy Is A Normal Thing
Remote Access Policy Is A Normal ThingKaren Oliver
 
Observe It Presentation
Observe It PresentationObserve It Presentation
Observe It Presentationtsteh
 
Mitigating Insider Threats within the Banking & Financial Sector
Mitigating Insider Threats within the Banking & Financial SectorMitigating Insider Threats within the Banking & Financial Sector
Mitigating Insider Threats within the Banking & Financial SectorIS Decisions
 
Security curator presentation_eng
Security curator presentation_engSecurity curator presentation_eng
Security curator presentation_engatompark2
 
Part 3 ApplicationEnd-User Security Recommendations.docx
Part 3 ApplicationEnd-User Security Recommendations.docxPart 3 ApplicationEnd-User Security Recommendations.docx
Part 3 ApplicationEnd-User Security Recommendations.docxdanhaley45372
 

Similar a UserLock 9 Technical Presentation (20)

UserLock Datasheet
UserLock DatasheetUserLock Datasheet
UserLock Datasheet
 
ARCHITECTURE OF A IDENTITY BASED FIREWALL SYSTEM
ARCHITECTURE OF A IDENTITY BASED FIREWALL SYSTEMARCHITECTURE OF A IDENTITY BASED FIREWALL SYSTEM
ARCHITECTURE OF A IDENTITY BASED FIREWALL SYSTEM
 
Stop the Evil, Protect the Endpoint
Stop the Evil, Protect the EndpointStop the Evil, Protect the Endpoint
Stop the Evil, Protect the Endpoint
 
Windows Network Access Control for Government Traffic Department
Windows Network Access Control for Government Traffic DepartmentWindows Network Access Control for Government Traffic Department
Windows Network Access Control for Government Traffic Department
 
Computer Security
Computer SecurityComputer Security
Computer Security
 
Solvit identity is the new perimeter
Solvit identity is the new perimeterSolvit identity is the new perimeter
Solvit identity is the new perimeter
 
Privileged Access Manager Product Q&A
Privileged Access Manager Product Q&APrivileged Access Manager Product Q&A
Privileged Access Manager Product Q&A
 
It securepro 10 nov 2010
It securepro 10 nov 2010It securepro 10 nov 2010
It securepro 10 nov 2010
 
Datasheet over privileged_users
Datasheet over privileged_usersDatasheet over privileged_users
Datasheet over privileged_users
 
SureLog SIEM
SureLog SIEMSureLog SIEM
SureLog SIEM
 
Sure log full
Sure log fullSure log full
Sure log full
 
3 windowssecurity
3 windowssecurity3 windowssecurity
3 windowssecurity
 
Webhawk as-software
Webhawk as-softwareWebhawk as-software
Webhawk as-software
 
VTScada 11 - SCADA Application Security
VTScada 11 - SCADA Application SecurityVTScada 11 - SCADA Application Security
VTScada 11 - SCADA Application Security
 
Security Breaches from Compromised User Logins
Security Breaches from Compromised User LoginsSecurity Breaches from Compromised User Logins
Security Breaches from Compromised User Logins
 
Remote Access Policy Is A Normal Thing
Remote Access Policy Is A Normal ThingRemote Access Policy Is A Normal Thing
Remote Access Policy Is A Normal Thing
 
Observe It Presentation
Observe It PresentationObserve It Presentation
Observe It Presentation
 
Mitigating Insider Threats within the Banking & Financial Sector
Mitigating Insider Threats within the Banking & Financial SectorMitigating Insider Threats within the Banking & Financial Sector
Mitigating Insider Threats within the Banking & Financial Sector
 
Security curator presentation_eng
Security curator presentation_engSecurity curator presentation_eng
Security curator presentation_eng
 
Part 3 ApplicationEnd-User Security Recommendations.docx
Part 3 ApplicationEnd-User Security Recommendations.docxPart 3 ApplicationEnd-User Security Recommendations.docx
Part 3 ApplicationEnd-User Security Recommendations.docx
 

Más de IS Decisions

IS Decisions Company Overview. Solutions to secure your Windows Network.
IS Decisions Company Overview. Solutions to secure your Windows Network.IS Decisions Company Overview. Solutions to secure your Windows Network.
IS Decisions Company Overview. Solutions to secure your Windows Network.IS Decisions
 
Risk from internal users in Banking. A Case-Study of UserLock and Bank of Cyprus
Risk from internal users in Banking. A Case-Study of UserLock and Bank of CyprusRisk from internal users in Banking. A Case-Study of UserLock and Bank of Cyprus
Risk from internal users in Banking. A Case-Study of UserLock and Bank of CyprusIS Decisions
 
Windows Active Directory Security with IS Decisions
Windows Active Directory Security with IS DecisionsWindows Active Directory Security with IS Decisions
Windows Active Directory Security with IS DecisionsIS Decisions
 
Oklahoma City Public Schools stops users sharing Windows Network Login with U...
Oklahoma City Public Schools stops users sharing Windows Network Login with U...Oklahoma City Public Schools stops users sharing Windows Network Login with U...
Oklahoma City Public Schools stops users sharing Windows Network Login with U...IS Decisions
 
RemoteExec DataSheet
RemoteExec DataSheetRemoteExec DataSheet
RemoteExec DataSheetIS Decisions
 
School Network Security. Camden City School District Case Study
School Network Security. Camden City School District Case StudySchool Network Security. Camden City School District Case Study
School Network Security. Camden City School District Case StudyIS Decisions
 
Information Security in the Banking Sector. A Case Study on UserLock
Information Security in the Banking Sector. A Case Study on UserLockInformation Security in the Banking Sector. A Case Study on UserLock
Information Security in the Banking Sector. A Case Study on UserLockIS Decisions
 
FileAudit Presentation | Windows File System Auditing
FileAudit Presentation | Windows File System AuditingFileAudit Presentation | Windows File System Auditing
FileAudit Presentation | Windows File System AuditingIS Decisions
 
UserLock Presentation | Access Security for Windows Networks
UserLock Presentation | Access Security for Windows NetworksUserLock Presentation | Access Security for Windows Networks
UserLock Presentation | Access Security for Windows NetworksIS Decisions
 
FileAudit Datasheet
FileAudit DatasheetFileAudit Datasheet
FileAudit DatasheetIS Decisions
 
RemoteExec Presentation
RemoteExec PresentationRemoteExec Presentation
RemoteExec PresentationIS Decisions
 
IS Decisions in the NUMB3RS
IS Decisions in the NUMB3RSIS Decisions in the NUMB3RS
IS Decisions in the NUMB3RSIS Decisions
 
IS Decisions Company Presentation
IS Decisions Company PresentationIS Decisions Company Presentation
IS Decisions Company PresentationIS Decisions
 
WinReporter Presentation
WinReporter PresentationWinReporter Presentation
WinReporter PresentationIS Decisions
 

Más de IS Decisions (14)

IS Decisions Company Overview. Solutions to secure your Windows Network.
IS Decisions Company Overview. Solutions to secure your Windows Network.IS Decisions Company Overview. Solutions to secure your Windows Network.
IS Decisions Company Overview. Solutions to secure your Windows Network.
 
Risk from internal users in Banking. A Case-Study of UserLock and Bank of Cyprus
Risk from internal users in Banking. A Case-Study of UserLock and Bank of CyprusRisk from internal users in Banking. A Case-Study of UserLock and Bank of Cyprus
Risk from internal users in Banking. A Case-Study of UserLock and Bank of Cyprus
 
Windows Active Directory Security with IS Decisions
Windows Active Directory Security with IS DecisionsWindows Active Directory Security with IS Decisions
Windows Active Directory Security with IS Decisions
 
Oklahoma City Public Schools stops users sharing Windows Network Login with U...
Oklahoma City Public Schools stops users sharing Windows Network Login with U...Oklahoma City Public Schools stops users sharing Windows Network Login with U...
Oklahoma City Public Schools stops users sharing Windows Network Login with U...
 
RemoteExec DataSheet
RemoteExec DataSheetRemoteExec DataSheet
RemoteExec DataSheet
 
School Network Security. Camden City School District Case Study
School Network Security. Camden City School District Case StudySchool Network Security. Camden City School District Case Study
School Network Security. Camden City School District Case Study
 
Information Security in the Banking Sector. A Case Study on UserLock
Information Security in the Banking Sector. A Case Study on UserLockInformation Security in the Banking Sector. A Case Study on UserLock
Information Security in the Banking Sector. A Case Study on UserLock
 
FileAudit Presentation | Windows File System Auditing
FileAudit Presentation | Windows File System AuditingFileAudit Presentation | Windows File System Auditing
FileAudit Presentation | Windows File System Auditing
 
UserLock Presentation | Access Security for Windows Networks
UserLock Presentation | Access Security for Windows NetworksUserLock Presentation | Access Security for Windows Networks
UserLock Presentation | Access Security for Windows Networks
 
FileAudit Datasheet
FileAudit DatasheetFileAudit Datasheet
FileAudit Datasheet
 
RemoteExec Presentation
RemoteExec PresentationRemoteExec Presentation
RemoteExec Presentation
 
IS Decisions in the NUMB3RS
IS Decisions in the NUMB3RSIS Decisions in the NUMB3RS
IS Decisions in the NUMB3RS
 
IS Decisions Company Presentation
IS Decisions Company PresentationIS Decisions Company Presentation
IS Decisions Company Presentation
 
WinReporter Presentation
WinReporter PresentationWinReporter Presentation
WinReporter Presentation
 

Último

Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?Antenna Manufacturer Coco
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 

Último (20)

Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 

UserLock 9 Technical Presentation

  • 1. UserLock® User logon security for Windows Active Directory
  • 2. “UserLock works alongside Active Directory to better protect access to Windows systems. With specific and customizable user login rules and real-time monitoring, UserLock reduces the risk of external attacks and internal security breaches while helping to address regulatory compliance.”
  • 3. PROTECT, DETECT AND REACT TO ALL USER’S ACCESS TO MICROSOFT WINDOWS SERVER-BASED NETWORKS User Logon Security for Windows Active Directory 1 2 3 GUARD AGAINST UNAUTHORIZED ACCESS USING COMPROMISED CREDENTIALS THAT ARISE FROM EXTERNAL ATTACKS ELIMINATE THE RISKS FROM POOR USER SECURITY BEHAVIOUR (PASSWORD SHARING, UNATTENDED WORKSTATIONS…) VERIFY AUTHENTICATED USERS’ CLAIMED IDENTITY AND ATTRIBUTE ALL ACTIONS TO AN INDIVIDUAL USER TO DISCOURAGE MALICIOUS ACTIVITY 4 REDUCE THE NUMBER OF INCIDENTS OF NON-COMPLIANCE. USERLOCK SUPPORTS MANY REGULATORY REQUIREMENTS OF PCI DSS, HIPAA, ISO27001… UserLock offers stronger security for Windows user logins, without impeding end users or frustrating IT teams. Harden your defence against unauthorized network access and compromised credentials. ACCESS CONTROL AND PROTECTION Set and enforce non-intrusive, context-aware access controls that define network access conditions for all Windows users. DETECTION AND RESPONSE Real-time monitoring and risk detection tools immediately alert you to suspicious logon activity so you can take action quickly – crucially before that activity becomes a serious problem. USER SECURITY EDUCATION Guide and disseminate good end-user security behaviour through alerts and notifications on users own trusted access ‘in situ’, to help users avoid careless mistakes and discourage malicious actions.
  • 4. USERLOCK WORKS ALONGSIDE ACTIVE DIRECTORY IN A MICROSOFT WINDOWS ENVIRONMENT UserLock is a client server application capable of auditing and controlling different types of user access connections NON-DISTRUPTIVE TECHNOLOGY No modifications are made to Active Directory or its schema. UserLock works alongside Active Directory to extend not replace its security. FAST AGENT DEPLOYMENT A micro agent is deployed automatically (or manually) on all machines. Once installed all access connections are detected and saved in the UserLock database. FAST IMPLEMENTATION Hosted on any server member of the domain. Managed remotely on workstations or through a web console anywhere on the network (mobile, tablet) ALL SESSION TYPES UserLock offers several agent types according to the types of session it has to monitor, workstation, terminal, Wi-Fi & VPN and IIS
  • 5. GENERAL PROCESS DESCRIPTION How UserLock Works The user enters their credentials to log on or to establish a connection to the domain network. These credentials are verified and validated against Active Directory. If the authentication process fails, the connection will be refused by Windows and UserLock does not intervene. The agent will however notify the UserLock server about this logon failure. Different agents are available depending on the connection type to be audited and the technology used to configure these connections. The general process is the same regardless of the agent type.
  • 6. GENERAL PROCESS DESCRIPTION How UserLock Works If the authentication is successful, the UserLock agent will transmit to the UserLock server all information about the context of the connection requested. The UserLock server will then process and analyze the data transmitted by the agent to check access control rules, trigger any alerts, refresh session information and save the user connection event in the database. The server then communicates its decision to the agent regarding the acceptance or refusal of the connection requested.
  • 7. USERLOCK RECORDS AND REPORTS ON EVERY SESSION ACCESS EVENT Audited Data On a connection event of a domain user to the network, the UserLock agent transmits to the server a set of data. This set includes information on: Logon, reconnection, disconnection, logoff, lock, unlock. Connection event type Workstation, terminal, Wi-Fi, VPN, IIS. Connection type requested Domain, username. The user Machine or device name, IP address. The source This information is retrieved by the agent itself when the connection event is submitted by the user, and sent encrypted to the UserLock server, which determines the time of the connection request and saves all in its database. Thus all user connection information performed on agent hosts are collected and stored centrally.
  • 9. SET AND ENFORCE NETWORK ACCESS CONDITIONS FOR ALL WINDOWS USERS’ WITHOUT FRUSTRATING OR IMPEDING END USERS User Access Control – Permanent and temporary rules Transparent to the user, these controls help verify authenticated users’ claimed identity to protect against unauthorized access and compromised credentials. Context-aware access control • Number of simultaneous initial access points • The type of connection: workstation, terminal, IIS, Wi-Fi and VPN • The total number of concurrent connections and by type of connection • The origin of the connection • The time of the connection • The connection time quota and by requested type of connection All data audited at the moment of attempted connection is analyzed to verify if the user requesting the connection is subject to access control rules. Defined for a user account, a user group and/or an organizational unit of users, the rules allow or deny a connection requested by a domain user account. UserLock then transmits this decision to the agent of the relevant system.
  • 10. DIFFERENTIATE IN REAL TIME AN INITIAL ACCESS POINT FROM A NESTED SESSION Initial Access Points UserLock can analyze what the sequence is of a user’s connections to determine whether a session is a new point of entry to the network or a connection performed from an existing session. A new point of entry is considered as the initial access point for the user initiating the connection.
  • 11. RESTRICTIONS TO VERIFY AN AUTHENTICATED USERS’ IDENTITY Initial Access Points Limiting the number of initial access points to one will ensure that the user won't be able to open a session from a second location. If you don't limit the number of concurrent sessions allowed, the user will be able to open as many sessions as they want, but only if they are children/nested sessions of the same initial access point. The results are displayed in real time in UserLock with icons that tag sessions to differentiate an initial access point from a nested session.
  • 12. MANAGE AND RESTRICT SIMULTANEOUS CONNECTIONS Concurrent Sessions The limit of concurrent sessions allowed can be used in association with the limit of initial access points to define how many and which types of session (workstation, terminal, Wi-Fi/VPN and IIS) a user can open from the same initial access point. In the example where workstations are limited to 1, if a user tries to open a second session while the previous is open, their logon will be denied. If the number of initial access points allowed is not configured, the number of permitted concurrent sessions will still be effective.
  • 13. MANAGE AND RESTRICT ACCESS BY LOCATION Control Access by Origin Define and manage the workstations/terminals, IP range and session type from which a user, group or organizational unit may log on. For example, to restrict a user to connect only from a specific machine. Within UserLock you can query Active Directory to check and select named workstations, users, groups or organizational units.
  • 14. MANAGE AND RESTRICT CONNECTION HOURS Control Access by Time The 'Hour restrictions' section allows you to define, by session type, periods of time during which users can or cannot logon to the network. For example, to prevent access connections outside certain hours. When the authorized time frame has expired, a warning notification can be displayed to users before automatically initiating a forced session logoff or session lock. You can also choose to apply the time restrictions according to the machine’s local time zone.
  • 15. MANAGE AND RESTRICT CONNECTION HOURS Control by Time Quota A connection time quota can be assigned to determine the maximum period of time connected to the network during a recurring period (day,week, month… ) for specified session types. The ‘consumed time’ per user can be displayed and managed from the UserLock console.
  • 16. MANAGE AND RESTRICT UNATTENDED WORKSTATIONS Automatic Logoff for Idle Sessions UserLock can automatically log off sessions after a specific idle time. Every session of the user account is closed after a chosen idle time period. It can be defined by user, group and Organizational Unit.
  • 17. A ‘SINGLE ACTIVE SESSION’ OFFERS FLEXIBILITY FOR THE USER Additional Options By distinguishing between an active session and a locked session, UserLock can: • Allow users to log off an existing session remotely if the number of allowed sessions has already been reached. • Allow only one unlocked interactive session at a time. Any other session will be automatically locked or disconnected by UserLock.
  • 18. IMMEDIATE RESPONSE TO ALERT ON OR AUTOMATICALLY BLOCK SUSPICIOUS LOGON EVENTS Connection Alerts for IT Administrators The user rules also include alert notifications for defined connection events. Two types of alerts can be defined: pop-up messages and email messages Real-Time Alert Notifications The data audited during the connection, whatever the decision taken (authorized, refused or failed), are analyzed and compared against the criteria of alert triggers — defined for the user requesting the connection. These alerts are triggered to inform the predefined recipients for the following connection events: logon, logoff, lock, unlock, disconnect, reconnect, logon denied by Windows and logon denied by UserLock. For example alerts can be set for failed logon attempts, attempts to log on to default accounts, logon activity during non-working hours…
  • 19. ALERTS TO POTENTIAL COMPROMISED OR STOLEN CREDENTIALS Connection Alerts for End Users An option allows a pop-up message to be displayed for every session of a user when their credentials are used from another machine or used to open another connection. Warnings (real-time) direct to the user The audited data collected at connection attempts also allows the user to be alerted every time their credentials are used on the network. This alert message indicates the source of the connection, the type of the connection, the time and their status (accepted or denied). The user is then invited to report this event to their IT team if they are not responsible for the requested connection, and to change their password if potentially compromised. A UserLock administrator can customize this alert message and choose which connection events will trigger it.
  • 20. BETTER IDENTIFY SUSPICIOUS OR INAPPROPRIATE ACCESS BEHAVIOR A Risk Indicator on User Access for IT Administrators By correlating each user’s access events with their customized access controls, each user’s ‘risk status’ evolves according to the user’s actions when accessing or attempting to access the network. Risk status & real-time alerts Six statuses are available to highlight activity that could help detect anomalies in user connection. Activity deemed as risk or high risk are clearly flagged in the console. Alerts can also be sent to administrators on a changing risk status. Threshold triggers on what is considered as risk can also be adapted to suit an organizations own needs. The ‘risk status’ is information and does not result in blocking or denying a user connection — the goal is to highlight risk situation to allow administrators to respond appropriately.
  • 21. A USER IS CONSIDERED TO HAVE A POTENTIALLY HIGH-RISK BEHAVIOR WHEN: High-Risk Status 1 2 3 THE NUMBER OF SESSIONS OPEN IS OVER THE LIMIT DEFINED FOR THEIR ACCOUNT FREQUENCY OF FAILED LOGONS BY USERLOCK OR/AND WINDOWS IS OVER THE FREQUENCY TOLERATED THE NUMBER OF INITIAL ACCESS POINTS OPEN IS OVER THE LIMIT DEFINED FOR THEIR ACCOUNT 4 TWO SIMULTANEOUS INITIAL ACCESS POINTS ARE DETECTED FROM INSIDE AND OUTSIDE THE LOCAL NETWORK
  • 22. FREQUENCY OF FAILED LOGONS High-Risk Status 1 2 3 THE NUMBER OF SESSIONS OPEN IS OVER THE LIMIT DEFINED FOR THEIR ACCOUNT FREQUENCY OF FAILED LOGONS BY USERLOCK OR/AND WINDOWS IS OVER THE FREQUENCT TOLERATED THE NUMBER OF INITIAL ACCESS POINTS OPEN IS OVER THE LIMIT DEFINED FOR THEIR ACCOUNT 4 TWO SIMULTANEOUS INITIAL ACCESS POINTS ARE DETECTED FROM INSIDE AND OUTSIDE THE LOCAL NETWORK The repetition of connection failures over a period of time may be a sign of identity theft attempts or connections attempts from disapproved resources for the user. UserLock agents inform the server about every denied logon from Windows and the associated reason (invalid password, account locked, account disabled, Active Directory policies, etc.) UserLock also saves all denied logon due to UserLock policies and the detailed reason (simultaneous limit, unauthorized machines, forbidden time ranges, etc.). This information is not only saved in the database but also stored in memory within the UserLock service to allow an iterative analysis. It is therefore possible to set a threshold of tolerance for logons denied by Windows or by UserLock beyond which the user status will be switched to high-risk.
  • 23. DETECT SIMULTANEOUS INITIAL ACCESS POINTS FROM INSIDE AND OUTSIDE THE LOCAL NETWORK High-Risk Status 1 2 3 THE NUMBER OF SESSIONS OPEN IS OVER THE LIMIT DEFINED FOR THEIR ACCOUNT FREQUENCY OF FAILED LOGONS BY USERLOCK OR/AND WINDOWS IS OVER THE FREQUENCT TOLERATED THE NUMBER OF INITIAL ACCESS POINTS OPEN IS OVER THE LIMIT DEFINED FOR THEIR ACCOUNT 4 TWO SIMULTANEOUS INITIAL ACCESS POINTS ARE DETECTED FROM INSIDE AND OUTSIDE THE LOCAL NETWORK Example of a user opening a workstation session in the local network while a VPN connection is open from outside.
  • 24. A USER IS CONSIDERED TO HAVE A POTENTIALLY RISKY BEHAVIOR WHEN: Risk Status 1 2 3 CONNECTION ATTEMPT BLOCKED DUE TO THE ACTIVE DIRECTORY ACCOUNT STATUS USERS OPENING A NEW SESSION FROM AN EXISTING SESSION WITH DIFFERENT CREDENTIALS THE NUMBER OF SESSIONS OPEN BY SESSION TYPE IS OVER THE ADJUSTABLE THRESHOLDS 4 THE NUMBER OF INITIAL ACCESS POINTS OPEN IS OVER THE ADJUSTABLE THRESHOLD
  • 25. A USER OPENING A NEW SESSION FROM AN EXISTING SESSION WITH DIFFERENT CREDENTIALS Risk Status 1 2 3 CONNECTION ATTEMPT BLOCKED DUE TO THE ACTIVE DIRECTORY ACCOUNT STATUS BEING LOCKED OR DISABLED USERS OPENING A NEW SESSION FROM AN EXISTING SESSION WITH DIFFERENT CREDENTIALS THE NUMBER OF SESSIONS OPEN BY SESSION TYPE IS OVER THE ADJUSTABLE THRESHOLDS 4 THE NUMBER OF INITIAL ACCESS POINTS OPEN IS OVER THE ADJUSTABLE THRESHOLD UserLock can analyze users’ new connections to detect if this is a new point of entry in the network or a connection performed from an existing session, and in this last case, it can compare the credential used. If the credential used to open a child/nested session is different, UserLock is able to switch the user status to the risk level. Example of a user opening a terminal session from a workstation session with valid but different credentials.
  • 26. HIGHLIGHT USERS BEYOND CUSTOMIZED THRESHOLDS WITHOUT BLOCKING THEIR CONNECTIONS Risk Status 1 2 3 CONNECTION ATTEMPT BLOCKED DUE TO THE ACTIVE DIRECTORY ACCOUNT STATUS USERS OPENING A NEW SESSION FROM AN EXISTING SESSION WITH DIFFERENT CREDENTIALS THE NUMBER OF SESSIONS OPEN BY SESSION TYPE IS OVER THE ADJUSTABLE THRESHOLDS 4 THE NUMBER OF INITIAL ACCESS POINTS OPEN IS OVER THE ADJUSTABLE THRESHOLD Administrators can use the status ‘Risk’ to highlight users with a number of connections that they deem as abnormal. The goal is to detect easily within the console users having a large number of connections and send an alert if necessary — but without blocking users’ access requests. These threshold values are configurable for one or several types of audited connections.
  • 27. INFORM ADMINISTRATORS OF OTHER USER CONNECTION ACTIVITY Other Indicative Status
  • 28. SCHEDULE AND VIEW REPORTS DIRECTLY FROM THE CONSOLE, SEND TO SPECIFIED MAILBOXES AND PRINT AND EXPORT IN SEVERAL FILE FORMATS Reporting and Auditing on all Logon and Logoff Activity All user connection information transmitted by the agent are audited and saved centrally in a database. Information stored can be used to generate predefined reports directly from the console. Centralizing & Archiving all Events Session history: The detailed list of every connection (logon, lock, unlock, disconnection, logoff, users, machines, domains, etc.) available for all session types. User status history: The list of status changes for every user and the reasons. Session statistics: The total number of sessions, the total time and average time per session for a user on a defined period. Session count evolution: Changes in the number of all the interactive sessions open on the network. Two additional reports for Wi-Fi/VPN sessions: History and statistics with additional relevant filters. The ability to view raw data tabled from the database. A tool view allowing you to submit an SQL query from the console itself.
  • 29. REACT IN REAL TIME TO A SPECIFIC SITUATION
  • 30. AN IMMEDIATE RESPONSE CAN HELP REDUCE THE RISK OF SECURITY BREACHES Interact Remotely —with all sessions, open or locked React from the UserLock console from any device (smartphone, tablet or computer). Simply selecting on one or several sessions in the UserLock console allows you to launch the following actions on the following session types: Remote response • ‘Workstation’ sessions: Logoff the session, lock the session, send a pop-up message, run a computer command. • ‘Terminal’ sessions: Logoff the session, lock the session, send a pop-up message, run a computer command. • ‘IIS’ sessions: Logoff the session, run a computer command.
  • 31. Immediately Block a User For any specific user you can block all logon attempts and close all existing sessions remotely, to react quickly to compromised or suspected compromised credentials. Just select the user from the ‘User sessions’ view and launch the command. Until the user is unblocked, all connection attempts will be denied.
  • 32. LAUNCH PERSONALIZED COMMANDS TARGETING ANY COMPUTERS Computer commands UserLock offers the possibility to launch from the console a predefined computer command or to create your own to run specific jobs or scripts. Actions can include: remote desktop, remote connection to the computer management console, script, event viewer remote connection, etc.).
  • 33. SECURITY IS AN ITERATIVE PROCESS Adjust user access control rules Access security is not a one-time activity. Restrictions should be evaluated and revised periodically so that improvements can be implemented. User access control rules can be modified at any time for a user or a group, or to create a temporary rule to define an exception for a particular user. All changes are applied in real time and are effective immediately.
  • 34. DOWNLOAD A FREE FULLY FUNCTIONAL TRIAL NOW WWW.USERLOCK.COM