Options: Manage Connection Options, Record Sessions, Speed Up Sessions
Require Closed Sessions on Logout or Quit
If you check Require Closed Sessions on Logout or Quit, users will be unable to log out of the console if they currently have any session tabs open.
Determine how long a disconnected endpoint client should attempt to reconnect.
Restrict physical access to the endpoint if the endpoint loses its connection or if all of the users in session are disconnected
If the session connection is lost, the remote system's mouse and keyboard input can be temporarily disabled, resuming either when the connection is restored or when the session is terminated.
Session Termination Behavior
If unable to reconnect within the time you set by Reconnect Timeout, choose what action to take. To prevent an end-user from accessing unauthorized privileges after an elevated session, set the client to automatically log the end user out of the remote Windows computer at session end, to lock the remote computer, or to do nothing. These rules do not apply to browser sharing sessions.
Allow users to override this setting per session
You can allow a user to override the session termination setting from the Summary tab in the console during a session.
Access Session Logging Options
Enable Screen Sharing / Command Shell Recording
Choose if screen sharing sessions and/or command shell sessions should be automatically recorded as videos. Enabling command shell recordings also enables command shell sessions to be available as text transcripts.
Enable User Recording for Protocol Tunnel Jump
Choose if Protocol Tunnel Jump sessions should be automatically recorded as videos. Because Protocol Tunnel Jumps require the use of a third-party application of choice, the user's entire desktop is captured, including all monitors.
Require User's Consent Before Recording Starts
Choose if users should receive a prompt telling them that their desktop will be recorded when beginning a Protocol Tunnel Jump session. Please note that if the user does not consent, Protocol Tunnel Jump session will not continue.
Screen Sharing / User / Command Shell Recording Resolution
Set the resolution at which to view session recording playback.
All recordings are saved in raw format; the resolution size affects playback only.
The recording settings enabled on this page can be overridden by a Jump Policy that has Disable Session Recordings selected. This affects screen sharing, protocol tunnel Jump recording, and command shell recordings.
Enable Automatic Logging of System Information
Choose if system information should be automatically pulled from the remote system at the beginning of the session, to be available later in the session report details.
Enable Session Forensics
Choose if you want the added capability to search across all sessions based on session events, which include chat messages, file transfer, registry editor events, and session foreground window changed events. This feature is enabled by default.
If Command Shell is enabled, Session Forensics allows you to do an in-depth search of shell recordings. When you search for a key term and a match is made in a stored shell recording, the video will automatically be queued to that point in time in the recording. No command output or passwords are recorded.
Peer to Peer Options
This is the default setting. Disables Peer to Peer connections. To enable this feature, you must choose a server to negotiate the session. When screen sharing, file transfer, or command shell is detected, the peer-to-peer connection is attempted. If successful, this creates a direct connection between the user and the client systems, while still sending a second data stream to the appliance for auditing purposes. If for any reason a peer-to-peer connection cannot be established, the session traffic defaults to the appliance-mediated connection.
Use BeyondTrust Hosted Peer to Peer Server
BeyondTrust clients attempt to reach a peer-to-peer connection through the server hosted by BeyondTrust. This requires that your BeyondTrust clients can make outbound UDP 3478 connection requests to stun.bomgar.com. This setting should work in most situations.
Use Appliance as Peer to Peer Server
If your organization requires specific security settings for traffic, you can use the appliance as a peer-to-peer server. This requires that your BeyondTrust appliance be able to accept inbound UDP 3478 connection requests by your BeyondTrust clients. Further firewall settings are required.
Access Portal Logo
Administrators may upload a custom logo image to be displayed on public-facing web pages. This allows external users to verify they are on your organization's web site, as well as enhancing the access portal with your organization's branding.
The logo image is displayed on the following public-facing web pages:
- Access invite download page (the page shown after clicking a link in an access invite email)
- Public recording URLs (view and download)
- Extended availability responses (the page shown after clicking a link in an extended availability invitation email)
- Jump approval authorizations (the page shown after clicking a link in a Jump approval email)
Uploaded logo image files may be in any standard image format. The logical image size maximum is 250 pixels wide and 64 pixels high. However, BeyondTrust supports high density displays which allows for a maximum physical size of 500 pixels wide and 128 pixels high.