So to protect access to pages, you will need to create an access rule.
Go to WebAssist -> Security Assist -> Manage Site Access -> Access Rules manager
Create a new rule for logged in users as:
Allow If:
Vlaue: Click the lightning bolt icon and select the ID Session created by the login
Criteria: <> (This means not equal to)
Compare To: Leave this blank.
the use the restrict access server behavior on the page to restrict access to.
for the log out, create a logout page, add the clear session server behavior to it and use the before page load trigger. your logout links should point to the logout page.