Use Jump Clients to Access Remote Endpoints

To access an individual Windows, Mac, or Linux computer that is not on an accessible network, install a Jump Client on that system from the /login > Jump > Jump Clients page. Jump Clients appear in the Jump interface along with Jump Item shortcuts.

Use a Jump Client

To use a Jump Client to start a session, select the Jump Client from the Jump interface and click the Jump button.

Jump Items can be set to allow multiple users to simultaneously access the same Jump Item. If set to Join Existing Session, other users are able to join a session already underway. The original owner of the session receives a note indicating another user has joined the session, but is not allowed to deny them access. For more information on simultaneous Jumps, please see Jump Item Settings.

Sort Jump Clients

Drag and Drop a Column

Browse through groups for the computer you wish to access. To facilitate browsing the Jump Items list, you may drag the columns into any order you wish, and then sort a column by clicking the column header. The access console remembers the column order and the sort order the next time the access console is launched.

Search for a Jump Client

In addition to browsing for Jump Items, you can search based on multiple fields. Enter a string in the search field and then press Enter. To change the fields you are searching, click on the magnifying glass and check or uncheck any of the available fields. Searchable fields include Comments, Console User, Domain, FQDN, Group, Hostname/IP, Jump Method, Last Accessed, Name, Private IP, Public IP, Status, Tag, and Workgroup.

Jump Client Details Pane

When you select a Jump Client, a details pane appears to the right of the Jump interface. Which details are shown here is determined by the Jump Client Statistics setting in the /login interface as well as by the remote operating system.

If a Jump Client goes offline and does not reconnect to the B Series Appliance for the number of days set by the Jump Client Settings in the /login interface, it is labeled as lost. No specific action is taken on the Jump Client. It is labeled as lost only for identification purposes, so that an administrator can diagnose the reason for the lost connection and take action to correct the situation. In the details pane, the scheduled deletion date appears should the Jump Client not come back online.

After a software update, Jump Clients update automatically. The number of concurrent Jump Client upgrades is determined by settings on the /login > Jump > Jump Clients page. If a Jump Client has not yet been updated, it is labeled as Upgrade Pending, and its version and revision number appear in the details pane. While you can modify an outdated Jump Client, you cannot Jump to it. Attempting a Jump does, however, move that Jump Client to the front of the upgrade queue.

Wake-On-Lan (WOL)

Wake-On-Lan (WOL) allows you to remotely turn on or wake up machines configured for WOL from BeyondTrust. In a configured environment, customers can power off their machine but still receive BeyondTrust support, if needed.

WOL is not a BeyondTrust technology. The BeyondTrust software integrates with existing WOL systems. To use WOL through BeyondTrust, the system must have WOL enabled, and the network must allow WOL packets to be sent.

To enable support for WOL in BeyondTrust, turn on the WOL setting in the administrative /login interface under Jump > Jump Clients. When enabling the WOL option, keep the following items in mind:

  • WOL does not work for wireless clients. A wired network connection is required.
  • WOL is supported by the underlying system hardware, which is independent of the installed OS.
  • WOL is supported only by active Jump Clients. Jumpoints and Local Jump from representative consoles do not support WOL.

To wake an active Jump Client using WOL, right-click an existing Jump Client from within the rep console. Attempt to wake the system by clicking the Attempt to wake up Jump Client option.

Attempt to Wake a Jump Client

The wake option is only available when selecting a single Jump Client. It is not available when multiple Jump Clients are selected.

WOL packets are sent from other Jump Clients residing on the same network as the target machine. When an active Jump Client is installed or checks-in, it registers its network information with the B Series Appliance, and the B Series Appliance uses this information to determine which Jump Clients are on the same network.

Once attempting to wake up a selected Jump Client, the WOL option greys out for 30 seconds before it can attempt to send another wake up request. If no other Jump Clients are available on that same network to send WOL packets to the target machine, the rep receives a message indicating that no other Jump Clients are available on the network. When sending a WOL packet, the rep has an advanced option to provide a password for WOL environments requiring a secure WOL password. A WOL packet is a one-way packet, and no confirmation of success is given to the rep besides seeing the client come online in the rep console.

Copy Jump Items

Jump Items can be copied and can belong to multiple Jump Groups. This includes Jump Client items, providing administrators with the ability to set separate policies and group permissions without requiring an additional Jump Client installation on the target endpoint. Users with the appropriate permissions see the option to Copy Jump Items in the Access Console by right-clicking the item. Users can perform this function on multiple Jump Items as well.

This feature enables admins and users to effectively manage different policies for Jump Items and Jump Clients without the need to create a new Jump Item. This functionality enables users to limit the number of clients necessary to enable Jump Client sessions, and limits manual administrative tasks when defining access pathways for users.

Jump Client Properties

Edit Jump Client Prompt showing the Endpoint Agreement dropdown menu.

Organize and manage existing Jump Items by selecting one or more Jump Items and clicking Properties.

 

To view the properties of multiple Jump Items, the items selected must be the same type (all Jump Clients, all Remote Jumps, etc.).

Enter a Name for the Jump Item. This name identifies the item in the session tabs. This string has a maximum of 128 characters.

This feature is available only to customers who own an on-premises B Series Appliance. BeyondTrust Cloud customers do not have access to this feature.

Based on the options your administrator sets, these statistics may include the remote computer's logged-in console user, operating system, uptime, CPU, disk usage, and a screen shot from the last update.

Move Jump Items from one Jump Group to another using the Jump Group dropdown. The ability to move Jump Items to or from different Jump Groups depends upon your account permissions.

Further organize Jump Items by entering the name of a new or existing Tag. Even though the selected Jump Items are grouped together under the tag, they are still listed under the Jump Group in which each Jump Item is pinned. To move a Jump Item back into its top-level Jump Group, leave this field blank.

Jump Items include a Comments field for a name or description, which makes sorting, searching, and identifying Jump Items faster and easier.

To set when users are allowed to access this Jump Item, if a notification of access should be sent, or if permission or a ticket ID from your external ticketing system is required to use this Jump Item, choose a Jump Policy. These policies are configured by your administrator in the /login interface.

Choose a Session Policy to assign to this Jump Item. The session policy assigned to this Jump Item has the highest priority when setting session permissions. The ability to set a session policy depends on your account permissions.

Choose an Endpoint Agreement to assign to this Jump Item. Depending on what is selected, an endpoint agreement is displayed. If there is no response, the agreement is automatically accepted or rejected.

If you no longer need access to a remote system, select the Jump Item and click Remove, or right-click on the Jump Item and select Remove from the menu. You may select multiple Jump Items to remove them all at the same time.

If the remote user manually uninstalls a Jump Client, the deleted item is either marked as uninstalled or completely removed from the Jump Items list in the access console. If the Jump Client cannot contact the B Series Appliance at the time it is uninstalled, the affected item remains in its offline state. This setting is available at /login > Jump > Jump Clients. If a Jump Client goes offline and does not reconnect to the B Series Appliance for 180 days, it is automatically uninstalled from the target computer and is removed from the Jump interface.