UserLock Frequently Asked Questions

How to apply requirements on UserLock Server and protected machines

This step by step guide will show you how to apply the requirements necessary on the UserLock server and protected machines before installing the agents.

We will see how to set up:

Windows Firewall rules (ICMP requests, SMB, remote registry service) on UserLock server and protected machines
Advanced configuration to secure network traffic between UserLock server and protected machines only
Using GPO to apply Windows Firewall rules

Windows Firewall rules:

Here we will see how to create inbound Firewall rules on UserLock server and protected machines

File and Printer Sharing

Remote registry service /!\ Only on machines where the UserLock agent is to be installed.

Advanced configuration:

In the above section we showed how to create inbound Firewall rules on UserLock Server and on protected machines.
In the below section, we will see an advanced configuration to secure network traffic between UserLock server and protected machines only.
We need to edit each rule created before and specify in scope tab the "Source" (local IP Address) and the "target" (Remote IP address).

From UserLock server side:

In Local IP Address : add the IP Address(es) of UserLock server(s)

In Remote IP Address :
As you can see there are multiple options:

In the below example, set an IP Range which can be assigned to protected machines

From Protected machines side:

In Local IP Address : In the below example, set the same IP range which can be assigned to protected machines.
In Remote IP address : add IP address(es) of UserLock server(s)