Configuration
Options: Manage Connection Options, Record Sessions, Speed Up Sessions
Configuration
Options
Session Options
Require Closed Sessions on Logout or Quit
If you check Require Closed Sessions on Logout or Quit, users will be unable to log out of the console if they currently have any session tabs open.
Connection Options
Reconnect Timeout
Determine how long a disconnected endpoint client should attempt to reconnect.
Restrict physical access to the endpoint if the endpoint loses its connection or if all of the users in session are disconnected
If the session connection is lost, the remote system's mouse and keyboard input can be temporarily disabled, resuming either when the connection is restored or when the session is terminated.
Access Session Logging Options
Enable Screen Sharing Recording
Choose if screen sharing sessions should be automatically recorded as videos.
Screen Sharing Recording Resolution
Set the resolution at which to view session recording playback.
All recordings are saved in raw format; the resolution size affects playback only.
Enable User Recording for Protocol Tunnel Jump
Choose if Protocol Tunnel Jump sessions should be automatically recorded as videos. Because Protocol Tunnel Jumps require the use of a third-party application of choice, the user's entire desktop is captured, including all monitors.
User Recording Resolution
Set the resolution at which to view session recording playback.
All recordings are saved in raw format; the resolution size affects playback only.
Require User's Consent Before Recording Starts
Choose if users should receive a prompt telling them that their desktop will be recorded when beginning a Protocol Tunnel Jump session. Please note that if the user does not consent, Protocol Tunnel Jump session will not continue.
Enable Command Shell Recording
Choose if command shell sessions should be automatically recorded as videos. Enabling command shell recordings also enables command shell sessions to be available as text transcripts.
Command Shell Recording Resolution
Set the resolution at which to view session recording playback.
All recordings are saved in raw format; the resolution size affects playback only.
The recording settings enabled on this page can be overridden by a Jump Policy that has Disable Session Recordings selected. This affects screen sharing, protocol tunnel Jump recording, and command shell recordings.
Enable Automatic Logging of System Information
Choose if system information should be automatically pulled from the remote system at the beginning of the session, to be available later in the session report details.
Enable Session Forensics
Choose if you want the added capability to search across all sessions based on session events, which include chat messages, file transfer, registry editor events, and session foreground window changed events. This feature is enabled by default.
If Command Shell is enabled, Session Forensics allows you to do an in-depth search of shell recordings. When you search for a key term and a match is made in a stored shell recording, the video will automatically be queued to that point in time in the recording. No command output or passwords are recorded.
Peer to Peer Options
Enabling peer-to-peer connections for access sessions enhances the performance of screen sharing, file transfer, and command shell tools. Additional firewall configuration might be required to successfully establish peer-to-peer connections.
Disabled
This is the default setting. Disables Peer to Peer connections. To enable this feature, you must choose a server to negotiate the session. When screen sharing, file transfer, or command shell is detected, the peer-to-peer connection is attempted. If successful, this creates a direct connection between the user and the client systems, while still sending a second data stream to the B Series Appliance for auditing purposes. If for any reason a peer-to-peer connection cannot be established, the session traffic defaults to the B Series Appliance-mediated connection.
Use BeyondTrust Hosted Peer to Peer Server
BeyondTrust clients attempt to reach a peer-to-peer connection through the server hosted by BeyondTrust. This requires that your BeyondTrust clients can make outbound UDP 3478 connection requests to stun.bt3ng.com. This setting is expected to work in most situations.
Use B Series Appliance as Peer to Peer Server
This feature is available only to customers who own an on-premises BeyondTrust Appliance B Series. BeyondTrust Cloud customers do not have access to this feature.
If your organization requires specific security settings for traffic, you can use the B Series Appliance as a peer-to-peer server. This requires that your B Series Appliance be able to accept inbound UDP 3478 connection requests by your BeyondTrust clients. Further firewall settings are required.
For more information, please see BeyondTrust Appliance B Series Administration: Restrict Accounts, Networks, and Ports, Enable a STUN Server, Set Up Syslog, Enable Login Agreement, Reset Admin Account.
Access Portal Logo
Administrators may upload a custom logo image to be displayed on public-facing web pages. This allows external users to verify they are on your organization's web site, as well as enhancing the access portal with your organization's branding.
The logo image is displayed on the following public-facing web pages:
- Access invite download page (the page shown after clicking a link in an access invite email)
- Public recording URLs (view and download)
- Extended availability responses (the page shown after clicking a link in an extended availability invitation email)
- Jump approval authorizations (the page shown after clicking a link in a Jump approval email)
Uploaded logo image files may be in any standard image format. The logical image size maximum is 250 pixels wide and 64 pixels high. However, BeyondTrust supports high density displays which allows for a maximum physical size of 500 pixels wide and 128 pixels high.
