Skip to content

Configure Multiple Simultaneous Sessions

Applies To: HySecure Gateway 7.2 and above

Category: Session Management

Overview

This guide explains how to configure multiple simultaneous session support, enabling users to maintain concurrent active sessions across multiple devices. Users can remain logged in from desktop, laptop, and mobile devices simultaneously, eliminating forced logouts when accessing the HySecure gateway from different devices.

Prerequisites

  • HySecure Gateway 7.2 or higher

  • Security Officer or Administrator access to the HySecure management console

  • Authentication Access Control policy configuration permissions

  • Active license supporting the Concurrent Sessions model

Business Context

Improved Productivity:

Users access enterprise applications across multiple devices without forced logouts, eliminating workflow disruptions and supporting modern hybrid work patterns.

Reduced Support Overhead:

Eliminates user frustration and help desk calls related to unexpected session terminations when users switch between devices.

Procedure: Configure Maximum Simultaneous Sessions

Step 1: Create or Modify Authentication Access Control

  1. Log in to the HySecure management console

    • Use Security Officer or Administrator credentials.

  2. Navigate to Access Control policies

    • Navigate to Policies > ACL.

    • Click Add for a new policy, or select an existing Authentication Access Control to modify.

  3. Configure Access Control Type

    • Select "Access Control Type" as Authentication.

    • Enter the appropriate Access control name.

  4. Configure basic parameters

    • Select HySecure Domain.

    • Select the Authorization server.

    • Select Assignment Type (Users or User Groups).

Step 2: Configure Multi-Session Settings

  1. Locate the Multi-Session Settings section

    • Scroll to the Multi-Session Settings section in the Access Control configuration.

  2. Set maximum allowed sessions

    • Configure the Maximum allowed sessions per User field.

    • Enter a number based on organizational requirements.

      Recommended Values:

      • 2-3 sessions: Standard users (desktop + mobile).

      • 3-5 sessions: Power users or administrators.

      • 5+ sessions: Special cases requiring extensive multi-device access.

  3. Save configuration

    • Click Submit to apply the Access Control policy.

Session Monitoring and Tracking

Enhanced Active Users View

The Active Users section displays all active user sessions with a unique Session ID assigned to each session for tracking and identification purposes.

To access the Active Users view:

  • Navigate to Monitor > Dashboard > Active Users.

  • Contact Accops support for current navigation instructions.

Session-Based Log Tracking

All logging mechanisms now include a Session ID field for granular session correlation:

Activity Logs:

  • Navigate to Reports > Logs > Activity.

  • The Session ID column displays a unique identifier for each user session.

  • Filter and search logs by Session ID for session-specific activity tracking.

User Logs:

  • Navigate to Reports > Logs > User.

  • The session ID field enables the correlation of user activities across a single session.

  • Track login/logout events per session.

Endpoint Security Logs:

  • Navigate to Reports > Logs > Endpoint Scan.

  • Session ID links endpoint security events to specific user sessions.

  • Correlate security policy enforcement with individual sessions.

Self-Service Portal Session Management (Optional)

Enable User Session Management

Administrators can enable the Manage Sessions capability in the Self-Service Portal, allowing users to view and control their own active sessions.

End users can now view and manage their active login sessions from the My Profile section in the HyLite Portal.

Steps to enable this feature

  1. Log in to the HySecure management console as Security Officer/Administrator.

  2. Navigate to Settings > Authentication > Authentication Domain.

  3. Click Add to create a new Authentication Domain or select an existing one to modify.

  4. Select the checkbox to enable Self Service Portal.

  5. Enable Manage Sessions under Basic configuration.

Contact Accops support for Self-Service Portal configuration assistance.

User Session Management Workflow

After being enabled by the administrator, end users can manage their sessions through the Manage Sessions feature upon logging in.

End users can now view and manage their active login sessions upon user login.

Note

Session management is supported only in HyLite Portal and in Mac Workspace client version 7.1.1.1018 or later. Users on other clients can manage their sessions via the HyLite Portal by clicking Trouble Logging In.

Steps to enable this feature

  1. Log in to the HySecure Gateway using either the Workspace Client or the HyLite Portal.

    1. Navigate to My Profile and select Manage Sessions for the HyLite Portal-based login.

    2. Click on the User icon in the top right corner and click Self Service Portal for workspace client-based login.

    3. Users logging in from other clients can directly open the HyLite Portal and click Trouble Logging in?.

  2. Select HySecure Domain as the organization on the next screen. Click Submit to proceed.

  3. Enter the Username, complete the captcha, and click Submit to continue.

  4. Authenticate the user using the applicable self-authentication method: PIN, OTP, or Security Question as prompted.

  5. Select the sessions you want to log out of and click Logout. Confirm the action when prompted.

  6. After logging out, a confirmation message will appear: Selected session has been logged out.

Manage Sessions upon Maximum Limit Reached

Upon reaching the configured limit for active sessions, any further login attempt by an end user from another device results in an error indicating that the allowed active session limit has been reached. An option to manage current sessions is additionally made available, as illustrated in the image below.

Steps to Manage Sessions

  • For HyLite Portal based login, click Session Management to manage currently active sessions.

  • For Workspace macOS Client based logins, click Manage Sessions to manage currently active sessions.

Complete the remaining steps as outlined above in the Manage Sessions via User Login.

Use Cases

Scenario 1: Hybrid Work Environment

User manages critical alerts on a mobile device while working from a desktop. The ability to have multiple simultaneous sessions eliminates the need to log out from one device before accessing another, ensuring workflow continuity across all devices.

Scenario 2: Multi-Environment Operations

The system administrator manages production servers from a desktop workstation while monitoring the development environment from a laptop and responding to alerts via a tablet. Concurrent sessions across three devices enable efficient multitasking without authentication delays or forced logouts.

Important Notes

License Impact

Concurrent Sessions Model:

  • License Type changed from Concurrent Users to Concurrent Sessions.

  • Each active user session consumes one concurrent session license.

  • A user with 3 active sessions consumes 3 concurrent session licenses.

  • Critical consideration for license capacity planning in multi-session environments.

License Synchronization:

  • Allow up to 105 seconds for license changes to reflect across all nodes after applying the new license.

Session Management

Session Limits:

  • Maximum allowed sessions configured per Authentication Access Control policy.

  • The user cannot exceed the configured session limit.

  • Attempting to create a session beyond the limit requires terminating the existing session.

Session Termination:

  • Users can terminate their own sessions via the Self-Service Portal (when enabled).

  • Administrators can terminate user sessions via the management console.

  • Session automatically terminates after the configured idle timeout.

Session Tracking:

  • Each session is assigned a unique Session ID at creation.

  • Session ID persists throughout the session lifetime.

  • All logs include the Session ID for complete session activity correlation.

Configuration Scope

Policy Application:

  • Multi-session settings apply to users/groups assigned to the Authentication Access Control policy.

  • Different user populations can have different session limits via multiple policies.

  • Users not assigned to a multi-session policy default to single-session behaviour.

Performance Considerations

Resource Utilization:

  • Multiple concurrent sessions per user increase gateway resource consumption.

  • Monitor CPU and memory utilization when deploying multi-session support.

  • Plan capacity based on expected concurrent session count, not just user count.

Network Impact:

  • Each active session maintains a network connection to the gateway.

  • Multiple sessions per user increase the network connection count.

  • Ensure network infrastructure supports increased connection volume.

Best Practices

Session Limit Planning:

  • Start with conservative session limits (2-3 per user).

  • Monitor actual session usage patterns.

  • Adjust limits based on observed user behaviour and resource availability.

User Communication:

  • Inform users about multi-session capability and session limits.

  • Guide managing multiple sessions.

  • Communicate license consumption model (session-based, not user-based).

Monitoring:

  • Regularly review the Active Users view for session usage patterns.

  • Monitor Session ID logs for unusual multi-session activity.

Track license consumption relative to concurrent session counts.