FAQs

What licensing models are available for the SessionLimit product?

Licensing is done on a per-user basis. For detailed information, please contact [email protected].

Which identity provider platforms does SessionLimit support?

SessionLimit integrates with Active Directory. Computers need to be members of the domain, and the user account logging in must be an Active Directory account. Due to its multi-session nature, it is an operation that occurs in Active Directory environments. On non-domain computers, only single sessions can be opened simultaneously.

Do I need to set up a separate SessionLimit installation for each Active Directory domain?

SessionLimit allows you to add multiple Active Directory domains. Network requirements must be met between the domains related to SessionLimit. See Network considerations.

Does the SessionLimit product require any agents?

SessionLimit works with agent. This is primarily because the agent is needed to monitor, terminate sessions, and handle 2FA operations on the target computers. There is no special need/authorization required on the Active Directory domain controller. Since it works with an agent, there is no need for a privileged account in Active Directory.

In which session types is 2FA supported?

2FA can be enabled for interactive and remote desktop connections to Windows systems using SessionLimit policies. The frequency of 2FA prompts can be configured within the policies, e.g., every login or every 14 days, etc.

Can session control be done for users who are members of multiple groups?

There is no issue with multiple policies in this regard. Our SessionLimit product includes a prioritization feature in policies. This allows you to determine which rules apply to user sessions.

Does SessionLimit detect orphaned sessions?

With the orphaned session detection feature, sessions that are still open after an account has been deactivated, which could pose security risks, can be identified and terminated centrally with a single click.

Can we view live sessions and account activities?

Admins can see who has sessions on which systems. They can track activities like login/logout and computer locking. Additionally, end-users can view their own activities via the portal.

How can SessionLimit assist in case of a security breach involving a user identity?

When a security breach involving a user identity occurs, system administrators can temporarily disable the user account. However, active sessions remain valid, and the security breach may continue. SessionLimit allows for remote termination of all sessions with a single click, thus ending the security breach.

How can we distribute/install agents on computers?

The SessionLimit agent is provided as an MSI package. Therefore, it can be automatically installed on all computers using Active Directory Group Policy, ConfigMgr (SCCM), or any system capable of remote software deployment. No additional configuration is required.