This article explains how to configure the SysKit server for the Block Malicious IP Addresses feature to work.

Configure SysKit Monitor server to support the Block Malicious IP Addresses feature

In case you notice that IP addresses are not being reported in the SysKit Monitor application, check if these options on the SysKit Monitor application server are correctly set:

  1. Go to the Start > Administrative Tools > Remote Desktop Services > Remote Desktop Session Host Configuration.
  2. Double click on the RDP-Tcp connection.
  3. In the RDP-Tcp Properties dialog, choose the General tab and change the Security Layer setting to the RDP Security Layer.

Please note!
In case this security setting is configured to Negotiate, Windows server will always use the SSL (TLS 1.0) security layer and IP addresses will not be fetched.

  1. Change the Encryption level to High in the same screen.

  2. Click Apply and OK to finish.

Please note!
Next two steps should be performed on every monitored server!

  1. Now open the Server Manager and select the Configure Server Manager Remote Management.

  2. In this dialog, enable the Enable remote management of this server from other computers option.

The server configuration is finished and now you should be able to use the Block Malicious IP Addresses feature within the SysKit Monitor.

See Event Log System Job to learn more.
See Configure Audit Logon Events to learn more.