Jumpoint: Set Up Unattended Access to a Network

Jump

Jumpoint

Jumpoint Management

BeyondTrust's Jump Technology enables a user to access computers on a remote network without having to pre-install software on every machine. Simply install a single Jumpoint agent at any network location to gain unattended access to every PC within that network.

Add New Jumpoint, Edit, Delete

Create a new Jumpoint, modify an existing Jumpoint, or remove an existing Jumpoint.

Redeploy

Uninstall an existing Jumpoint and download an installer to replace the existing Jumpoint with a new one. Jump shortcuts associated with the existing Jumpoint will use the new Jumpoint once it is installed.

When an existing Jumpoint is replaced, its configuration is not saved. The new Jumpoint must be reconfigured.

Add or Edit Jumpoint

Name

Create a unique name to help identify this Jumpoint. This name should help users locate this Jumpoint when they need to start a session with a computer on the same network.

Code Name

Set a code name for integration purposes. If you do not set a code name, PRA creates one automatically.

Comments

Add a brief description to summarize the purpose of this Jumpoint. This is helpful when managing Jumpoints.

Disabled

If checked, this Jumpoint is unavailable to make Jump connections.

Clustered

If checked, you will be able to add multiple, redundant nodes of the same Jumpoint on different host systems. This ensures that as long as at least one node remains online, the Jumpoint will be available.

Enable Shell Jump Method

If you want users to be able to connect to SSH-enabled and Telnet-enabled network devices through this Jumpoint, check Enable Shell Jump Method. Command filtering can be configured to prevent accidental use of commands that can be harmful to endpoint systems.

For more information on command filtering, please see Use Shell Jump to Access a Remote Network Device.

Enable Protocol Tunnel Jump Method

If Enable Protocol Tunnel Jump Method is checked, users may make TCP connections from their systems to remote endpoints through this Jumpoint.

RDP Service Account

Select the account to be used by the Jumpoint to run a user-initiated client on the RDP server. This allows you to collect additional event information from an RDP session started with this Jumpoint. This account in used only if the Remote RDP Jump Item is configured to enable the Session Forensics functionality.

For more information on how to set the Sessions Forensics functionality in the access console, please see Use RDP to Access a Remote Windows Endpoint.

Group Policies

This displays a listing of the group policies which allow users access to this Jumpoint.

Allowed Users

New Member Name

Search for users to add to this Jumpoint. Users who are allowed to use this Jumpoint can start sessions with or create Jump Items connecting through this Jumpoint, as their permissions allow.

In the table below, view existing Jumpoint users. You can filter the view by entering a string in the Filter by Name text box. You can also delete the user from the Jumpoint.

To add a group of users to a Jumpoint, go to Users & Security > Group Policies and assign that group to one or more Jumpoints.

You may see some users whose Delete options are disabled. This occurs when a user is added via group policy.

You can click the group policy link to modify the policy as a whole. Any changes made to the group policy apply to all members of that group policy.

You also can add the individual to the Jumpoint, overriding their settings as defined elsewhere.

For more information about Jumpoint configuration, please see Configure and Install a PRA Jumpoint.