NordLayer features in review: Active Session Timeout

NordLayer features in review Active Session Timeout

Logging into your organization’s network is one of the first things employees go through daily. Each successful authentication also opens up a direct route into your company’s resources, creating a session between the two systems.

However, trust shouldn’t be without limits—indefinitely keeping the session open can be detrimental to your security. This is something that a hacker could exploit when looking for ways to hijack your employees’ connections. Therefore, NordLayer unveils a new security feature designed to prevent this risk—Active Session Timeout.

Active Session Timeout using NordLayer

The new NordLayer feature allows you to choose a user’s session duration. When the time expires, the user is logged out from the Control Panel or NordLayer application and required to re-authenticate. This makes the action window during which the hacker could decrypt the connection shorter, making it much harder to hijack. This can be very beneficial if your users are handling sensitive data.

How does NordLayer’s Active Session Timeout feature work?

This feature automatically logs users out of the NordLayer application or Control Panel after the set period. It affects all users regardless of whether they were connected to the gateway during that time. 

The setting is enforced automatically, and the session length can be adjusted by the admin in the Control Panel for the entire organization. The minimum duration length in the Control Panel and application can be set up to 1 day. Meanwhile, NordLayer’s default—and maximum—session duration time is 30 days. It adds a safeguard that is sure to be appreciated by a company’s IT personnel.

How is NordLayer’s Active Session Timeout different?

Unlike typical session management, NordLayer’s feature offers more flexibility and control. It not only addresses the typical use cases but also adds an extra layer of security, which is especially useful in remote working scenarios:

  • The feature will have a setting allowing you to select a preferred session duration period.

  • Session control has a predefined optimal default time of 30 days if there’s no preference for session duration time.

  • The functionality is applicable for both Control Panel and NordLayer application, so gives more control to manage admins’ and users’ reauthentication.

Benefits of Active Session Timeout

Stricter session management is recommended by various organizations like The Open Web Application Security Project (OWASP). It can significantly contribute to your organization’s cybersecurity hygiene.

The benefits of Active Session Timeout controls include better security adherence in the organization, more efficient users and internal policy management, and increased overall network and data protection.

  • Enhanced security: shorter session durations minimize the window of opportunity for unauthorized access.

  • Compliance alignment: the feature allows organizations to align with security protocols, thus reducing vulnerabilities.

  • Risk mitigation: in scenarios like device theft, the exposure period is significantly reduced, leaving a smaller time window for bad actors to exploit.

  • Integrates with Single sign-on authentication schemes. This feature enables network administrators to control access to work resources more precisely and align them with their internal policies.

This functionality has benefits to all organization units, from the end user to the manager:

Benefits of the Active Session Timeout by NordLayer

Overall the feature automates and optimizes processes for all organization units, adding an additional functionality to network and data security.

Entering NordLayer’s Active Session Timeout

To adjust your currently used session duration:

  1. Head to the Control Panel and click Settings

  2. Select Security configurations and find the Active Session Timeout section

This allows you to change session duration times for your users in applications and the Control Panel. You can choose the desired time from 1 day to 30 from the dropdown menu.

The user will be shown a dialog box just before the session ends, asking to reauthenticate to start a new session running.

How to set session duration in the NordLayer Control Panel

Share article


Copy failed

Protect your business with cybersecurity news that matters

Join our expert community and get tips, news, and special offers delivered to you monthly.

Free advice. No spam. No commitment.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.