Options: Manage Connection Options, Record Sessions, Speed Up Sessions



Session Options

Require Closed Sessions on Logout or Quit

If you check Require Closed Sessions on Logout or Quit, users will be unable to log out of the console if they currently have any session tabs open.

Connection Options

Reconnect Timeout

Determine how long a disconnected endpoint client should attempt to reconnect.

Restrict physical access to the endpoint if the endpoint loses its connection or if all of the users in session are disconnected

If the session connection is lost, the remote system's mouse and keyboard input can be temporarily disabled, resuming either when the connection is restored or when the session is terminated.

Session Termination Behavior

If unable to reconnect within the time you set by Reconnect Timeout, choose what action to take. To prevent an end-user from accessing unauthorized privileges after an elevated session, set the client to automatically log the end user out of the remote Windows computer at session end, to lock the remote computer, or to do nothing. These rules do not apply to browser sharing sessions.

Allow users to override this setting per session

You can allow a user to override the session termination setting from the Summary tab in the console during a session.

Access Session Logging Options

Enable Screen Sharing Recording

Choose if screen sharing sessions should be automatically recorded as videos.

Screen Sharing Recording Resolution

Set the resolution at which to view session recording playback.

All recordings are saved in raw format; the resolution size affects playback only.

Enable User Recording for Protocol Tunnel Jump

Choose if Protocol Tunnel Jump sessions should be automatically recorded as videos. Because Protocol Tunnel Jumps require the use of a third-party application of choice, the user's entire desktop is captured, including all monitors.

User Recording Resolution

Set the resolution at which to view session recording playback.

All recordings are saved in raw format; the resolution size affects playback only.

Require User's Consent Before Recording Starts

Choose if users should receive a prompt telling them that their desktop will be recorded when beginning a Protocol Tunnel Jump session. Please note that if the user does not consent, Protocol Tunnel Jump session will not continue.

Enable Command Shell Recording

Choose if command shell sessions should be automatically recorded as videos. Enabling command shell recordings also enables command shell sessions to be available as text transcripts.

Command Shell Recording Resolution

Set the resolution at which to view session recording playback.

All recordings are saved in raw format; the resolution size affects playback only.


The recording settings enabled on this page can be overridden by a Jump Policy that has Disable Session Recordings selected. This affects screen sharing, protocol tunnel Jump recording, and command shell recordings.

Enable Automatic Logging of System Information

Choose if system information should be automatically pulled from the remote system at the beginning of the session, to be available later in the session report details.

Enable Session Forensics

Choose if you want the added capability to search across all sessions based on session events, which include chat messages, file transfer, registry editor events, and session foreground window changed events. This feature is enabled by default.

If Command Shell is enabled, Session Forensics allows you to do an in-depth search of shell recordings. When you search for a key term and a match is made in a stored shell recording, the video will automatically be queued to that point in time in the recording. No command output or passwords are recorded.

Peer to Peer Options


This is the default setting. Disables Peer to Peer connections. To enable this feature, you must choose a server to negotiate the session. When screen sharing, file transfer, or command shell is detected, the peer-to-peer connection is attempted. If successful, this creates a direct connection between the user and the client systems, while still sending a second data stream to the B Series Appliance for auditing purposes. If for any reason a peer-to-peer connection cannot be established, the session traffic defaults to the B Series Appliance-mediated connection.

Use BeyondTrust Hosted Peer to Peer Server

BeyondTrust clients attempt to reach a peer-to-peer connection through the server hosted by BeyondTrust. This requires that your BeyondTrust clients can make outbound UDP 3478 connection requests to This setting should work in most situations.

Use B Series Appliance as Peer to Peer Server

If your organization requires specific security settings for traffic, you can use the B Series Appliance as a peer-to-peer server. This requires that your B Series Appliance be able to accept inbound UDP 3478 connection requests by your BeyondTrust clients. Further firewall settings are required.

For more information, please see BeyondTrust Appliance B Series Administration: Restrict Accounts, Networks, and Ports, Enable a STUN Server, Set Up Syslog, Enable Login Agreement, Reset Admin Account.

Access Portal Logo

Administrators may upload a custom logo image to be displayed on public-facing web pages. This allows external users to verify they are on your organization's web site, as well as enhancing the access portal with your organization's branding.

The logo image is displayed on the following public-facing web pages:

  • Access invite download page (the page shown after clicking a link in an access invite email)
  • Public recording URLs (view and download)
  • Extended availability responses (the page shown after clicking a link in an extended availability invitation email)
  • Jump approval authorizations (the page shown after clicking a link in a Jump approval email)

Uploaded logo image files may be in any standard image format. The logical image size maximum is 250 pixels wide and 64 pixels high. However, BeyondTrust supports high density displays which allows for a maximum physical size of 500 pixels wide and 128 pixels high.