Jumpoint: Set Up Unattended Access to a Network

Jump

Jumpoint

Jumpoint Management

BeyondTrust's Jump Technology enables a user to access computers on a remote network without having to pre-install software on every machine. Simply install a single Jumpoint agent at any network location to gain unattended access to every PC within that network.

Add New Jumpoint, Edit, Delete

Create a new Jumpoint, modify an existing Jumpoint, or remove an existing Jumpoint.

Redeploy

Uninstall an existing Jumpoint and download an installer to replace the existing Jumpoint with a new one. Jump shortcuts associated with the existing Jumpoint will use the new Jumpoint once it is installed.

When an existing Jumpoint is replaced, its configuration is not saved. The new Jumpoint must be reconfigured.

Add or Edit Jumpoint

Name

Create a unique name to help identify this Jumpoint. This name should help users locate this Jumpoint when they need to start a session with a computer on the same network.

Code Name

Set a code name for integration purposes. If you do not set a code name, PRA creates one automatically.

External Jump Item Network ID

On the Security page Access Console settings, when Jumpoint for External Jump Item Sessions is set to Automatically Selected by External Jump Item Network ID, this value is matched against the Network ID property for external Jump Items returned by the Endpoint Credential Manager to determine which Jumpoint handles a session.

Network ID is equivalent to the Workgroup attribute on managed systems in Password Safe.

Comments

Add a brief description to summarize the purpose of this Jumpoint. This is helpful when managing Jumpoints.

Disabled

If checked, this Jumpoint is unavailable to make Jump connections.

Clustered

If checked, you will be able to add multiple, redundant nodes of the same Jumpoint on different host systems. This ensures that as long as at least one node remains online, the Jumpoint will be available.

Enable Shell Jump Method

If you want users to be able to connect to SSH-enabled and Telnet-enabled network devices through this Jumpoint, check the Enable Shell Jump Method option. Command filtering can be configured to prevent accidental use of commands that can be harmful to endpoint systems.

For more information on command filtering, please see Use Shell Jump to Access a Remote Network Device.

Enable Protocol Tunnel Jump Method

If the Enable Protocol Tunnel Jump Method option is checked, users may make connections from their systems to remote endpoints through these types of Jumpoint.

For more information, see Protocol Tunnel Jump Shortcuts in the Privileged Remote Access Jumpoint Guide.

RDP Service Account

Select the account to be used by the Jumpoint to run a user-initiated client on the RDP server. This allows you to collect additional event information from an RDP session started with this Jumpoint. This account in used only if the Remote RDP Jump Item is configured to enable the Session Forensics functionality.

The RDP Service Account setting must not use a local admin account, and must use a domain admin account with minimum privileges including access to create remote services and access remote file systems.

For more information on how to set the Sessions Forensics functionality in the access console, please see Use RDP to Access a Remote Windows Endpoint.

Group Policies

This displays a listing of the group policies which allow users access to this Jumpoint.

Allowed Users

New Member Name

Search for users to add to this Jumpoint. Users who are allowed to use this Jumpoint can start sessions with or create Jump Items connecting through this Jumpoint, as their permissions allow.

In the table below, view existing Jumpoint users. You can filter the view by entering a string in the Filter by Name text box. You can also delete the user from the Jumpoint.

To add a group of users to a Jumpoint, go to Users & Security > Group Policies and assign that group to one or more Jumpoints.

For more information about Jumpoint configuration, please see Configure and Install a PRA Jumpoint.