Configure SysKit Server to support the Block Malicious IP Addresses feature

This article describes what is necessary to configure for the Block Malicious IP Addresses feature to work.

In case you notice that IP addresses are not being reported in the SysKit application, check if these options on the SysKit application server are correctly set:

  1. Go to the Start > Administrative Tools > Remote Desktop Services > Remote Desktop Session Host Configuration.
  2. Double click on the RDP-Tcp connection.
  3. Configure SysKit server to support blocking malicious IPs
     

  4. Change the Security Layer setting to the RDP Security Layer.

    Security Layer
     
    Please note! In case this security setting is configured to Negotiate, Windows server will always use the SSL (TLS 1.0) security layer and IP addresses will not be fetched.
  5. Change the Encryption level to High.
  6. Encryption Level
     

  7. Click Apply and OK to finish.
  8. Please note! Next two steps should be performed on every monitored server!
  9. Now open the Server Manager and select the Configure Server Manager Remote Management.
  10. Select the Enable remote management of this server from other computers option.
  11. Enable remote management
     

The server configuration is finished and now you should be able to use the Block Malicious IP Addresses feature.

See Event Log System Job to learn more.
See Configure Audit Logon Events to learn more.