Manage Jump Client Settings
An administrator can choose which statistics to view for all Jump Clients on a site-wide basis. These statistics are displayed in the access console and include CPU, console user, disk usage, a thumbnail of the remote screen, and uptime.
The Active Jump Client Statistics Update Interval determines how often these statistics are updated. Managing which statistics are viewed and how often can help to regulate the amount of bandwidth used. The more active Jump Clients you have deployed, the fewer the statistics and the longer the interval may need to be.
You may regulate the bandwidth used during upgrades by setting Maximum bandwidth of concurrent Jump Client upgrades.
Also set the maximum number of Jump Clients to upgrade at the same time. Note that if you have a large number of Jump Clients deployed, you may need to limit this number to regulate the amount of bandwidth consumed.
When upgrading to a newly built site software package, verify that all certificate stores are managed appropriately and are up-to-date prior to upgrading to a new BeyondTrust version. Failure to do so may cause a majority of your existing Jump Clients to appear offline.
Set the the global connection rate for disconnected Jump Clients to try to reconnect.
Set whether the default Jump Client connection type should be active or passive.
If a Jump Client goes offline and does not reconnect to the Secure Remote Access Appliance for the number of days specified by the Number of days before Jump Clients that have not connected are automatically deleted setting, it is automatically uninstalled from the target computer and is removed from the Jump interface of the access console.
This setting is shared with the Jump Client during normal operation so that even if it cannot communicate with the site, it uninstalls itself at the configured time. If this setting is changed after the Jump Client loses connection with the appliance, it uninstalls itself at the previously configured time.
If a Jump Client goes offline and does not reconnect to the Secure Remote Access Appliance for the number of days specified by the Number of days before Jump Clients that have not connected are automatically deleted setting, it is labeled as lost in the access console. No specific action is taken on the Jump Client at this time. It is labeled as lost only for identification purposes, so that an administrator can diagnose the reason for the lost connection and take action to correct the situation.
To allow you to identify lost Jump Clients before they are automatically deleted, this field should be set to a smaller number than the deletion field above.
You can set Jump Clients to allow or disallow simultaneous Jumps from the Jump > Jump Items > Jump Settings section. If allowed, multiple users can gain access to the same Jump Client without an invitation to join an active session by another user. If disallowed, only one user can Jump to a Jump Client at a time. Only an invitation by the user who originated the session can allow for a second user to access the session.
Uninstalled Jump Client Behavior determines how a Jump Client deleted by an end user is handled by the access console. Depending on dropdown option selected, the deleted item can either be marked as uninstalled and kept in the list or actually be removed from the Jump Items list in the access console. If the Jump Client cannot contact the Secure Remote Access Appliance at the time it is uninstalled, the affected item remains in its offline state.
Set the default connection type of the Jump Client to be deployed.
The Passive Jump Client Port specifies which port a passive Jump Client uses to listen for a "wake up" command from the appliance. The default port is 5832. Ensure that firewall settings allow inbound traffic on this port for your hosts with passive Jump Clients. Once awake, Jump Clients always connect to the appliance on port 80 or 443 outbound.
Allow users to attempt to wake up Jump Clients provides a way to wake up a selected Jump Client by broadcasting Wake-on-LAN (WOL) packets through another Jump Client on the same network. Once a WOL is attempted, the option becomes unavailable for 30 seconds before a subsequent attempt can be made. WOL must be enabled on the target computer and its network for this function to work. The default gateway information of the Jump Client is used to determine if other Jump Clients reside on the same network. When sending a WOL packet, the user has an advanced option to provide a password for WOL environments that require a secure WOL password.
Jump Clients allow for one of two modes of behavior, active or passive. The default mode can be set from the Jump > Jump Clients page, and the mode can be switched from the Jump interface of the access console.
A Jump Client in active mode maintains a persistent connection to the Secure Remote Access Appliance, waiting for session requests. It sends statistics updates as frequently as once per minute, as defined in the Jump Client Settings on the Jump > Jump Clients page.
A passive Jump Client does not maintain a connection to the appliance but rather listens for connection requests. It sends statistics updates only once per day or upon manual check-in. In order to use a passive Jump Client, the appliance must be able to initiate contact with the computer on which the passive Jump Client is installed. This requirement may necessitate that you modify firewall rules to allow incoming connections to the target computer through the configured listen port. By default, this port is 5832; this can be modified from the Jump > Jump Clients page. Passive mode may best be used on internal systems rather than external ones, although with correct firewall configurations, it may be used in either implementation.