This article explains how to revoke a remote user's session so they are forced to reauthenticate for continued access to your network.
To maintain the compliance of remote users connecting to your network, you can revoke the session of a remote user. After a session is revoked, the remote user is prompted to authenticate in the Client using their configured authentication method. If the user does not authenticate within 10 minutes, WAN and Internet access is blocked for the remote user on any device. This reduces the risk of unauthorized access. To regain access, the remote user must authenticate in the Client using their configured authentication method.
By forcing the remote user to authenticate, the Client runs the configured device checks. For more information on the Client connection flow, see Understanding the Cato Client Connection Flow.
Revoking a remote user's session is supported for all authentication methods, all IdPs, and all supported Client versions.
A remote user has Always-On enabled and authenticates with SSO with a token duration of 2 weeks. Their device is stolen, creating a security risk of up to 2 weeks of unauthorized access. To mitigate the risk, the admin revokes the user's session, preventing access to the network from the stolen device.
Using the Stories Workbench, analysts at company ABC identified a user who is uploading a large amount of data to a file-sharing application. They are unsure whether the user is doing this for legitimate reasons. They immediately revoke the user's session to force reauthentication on the device. The analysts can then continue their investigation knowing that only a legitimate authenticated user can access the network from the device.
Revoking a remote user's session is not supported for Browser Access.
Revoking a session helps you maintain control over user access.