Configure Jump Client Settings
An administrator can choose which statistics to view for all Jump Clients on a site-wide basis. These statistics are displayed in the representative console and include CPU, console user, disk usage, a thumbnail of the remote screen, and uptime.
You may further regulate the bandwidth used during upgrades by setting Maximum bandwidth of concurrent Jump Client upgrades. The maximum upgrade bandwidth is 100 MiB/s.
The Active Jump Client Statistics Update Interval determines how often these statistics are updated. Managing which statistics are viewed and how often can help to regulate the amount of bandwidth used. The more active Jump Clients you have deployed, the fewer the statistics and the longer the interval may need to be.
Also set the maximum number of Jump Clients to upgrade at the same time. Note that if you have a large number of Jump Clients deployed, you may need to limit this number to regulate the amount of bandwidth consumed. The maximum number allowed is 500.
Neither of these settings affects representative console upgrades or Support Button deployments.
When upgrading to a newly built site software package, verify that all certificate stores are managed appropriately and are up-to-date prior to upgrading to a new BeyondTrust version. Failure to do so may cause a majority of your existing Jump Clients to appear offline.
Global connection rate for Jump Clients determines the maximum rate per second of Jump Clients able to connect to the B Series Appliance at the same time during an upgrade or after a major network outage. The default is 50 connections and the maximum allowed is 300.
Restrict Local Uninstall/Disable of Jump Clients limits the remote user’s ability to uninstall or disable Jump Clients from the right-click context menu, reducing the need to reinstall Jump Clients that should not have been uninstalled. If this option is enabled, only users with appropriate privileges on the target machine may uninstall the Jump Client via the host system's "uninstall programs" mechanism.
Uninstalled Jump Client Behavior determines how a Jump Client deleted by an end user is handled by the representative console. Depending on the option made in the dropdown, the deleted item can either be marked as uninstalled and kept in the list or actually be removed from the list of Jump Items in the representative console. If the Jump Client cannot contact the B Series Appliance at the time it is uninstalled, the affected item remains in its offline state.
Allow Representatives to attempt to wake up Jump Clients provides a way to wake up a selected Jump Client by broadcasting Wake-on-LAN (WOL) packets through another Jump Client on the same network. Once a WOL is attempted, the option becomes unavailable for 30 seconds before a subsequent attempt can be made. WOL must be enabled on the target computer and its network for this function to work. The default gateway information of the Jump Client is used to determine if other Jump Clients reside on the same network. When sending a WOL packet, the user has an advanced option to provide a password for WOL environments that require a secure WOL password.
Use screen state to detect Customer Presence sets how customer presence is determined. Customer presence is used when choosing whether to use the Customer Present Session Policy or the Customer Not Present Session Policy. If checked, the customer is determined to be present only if a user is logged in, the screen is not locked, and a screen saver is not running. If unchecked, the customer is considered present if a user is logged in, regardless of screen state.
With Jump Client Default Connection Type, set whether Jump Clients pinned during a customer-initiated session should by default be active or passive.
The Passive Jump Client Port specifies which port a passive Jump Client will use to listen for a "wake up" command from the B Series Appliance. The default port is 5832. Ensure that firewall settings allow inbound traffic on this port for your hosts with passive Jump Clients. Once awake, Jump Clients always connect to the B Series Appliance on port 80 or 443 outbound.
If a Jump Client goes offline and does not reconnect to the B Series Appliance for the number of days specified by the Number of days before Jump Clients that have not connected are automatically deleted setting, it is automatically uninstalled from the target computer and is removed from the Jump interface of the representative console.
This setting is shared with the Jump Client during normal operation so that even if it cannot communicate with the site, it uninstalls itself at the configured time. If this setting is changed after the Jump Client loses connection with the B Series Appliance, it uninstalls itself at the previously configured time.
The setting must be configured for 15 days or more.
If a Jump Client goes offline and does not reconnect to the B Series Appliance for the number of days specified by the Number of days before Jump Clients that have not connected are considered lost setting, it is labeled as lost in the representative console. No specific action is taken on the Jump Client at this time. It is labeled as lost only for identification purposes, so that an administrator can diagnose the reason for the lost connection and take action to correct the situation.
To allow you to identify lost Jump Clients before they are automatically deleted, this field should be set to a smaller number than the deletion field above.
The setting must be configured for 15 days or more.
You can set Jump Clients to allow or disallow simultaneous Jumps from the Jump > Jump Items > Jump Settings section. If allowed, multiple users can gain access to the same Jump Client without an invitation to join an active session by another user. If disallowed, only one user can Jump to a Jump Client at a time. Only an invitation by the user who originated the session can allow for a second user to access the session.
Jump Clients allow for one of two modes of behavior, active or passive. The default mode can be set from the Jump > Jump Clients page, and the mode can be switched from the Jump interface of the representative console.
A Jump Client in active mode maintains a persistent connection to the BeyondTrust Appliance B Series, waiting for session requests. It sends statistics updates as frequently as once per minute, as defined in the Jump Client Settings on the Jump > Jump Clients page.
A passive Jump Client does not maintain a connection to the B Series Appliance but rather listens for connection requests. It sends statistics updates only once per day or upon manual check-in. By setting Jump Clients to passive mode, you can have a larger number of deployed Jump Clients without markedly increasing the B Series Appliance load.
If Console User is checked in Jump Clients > Jump Client Statistics, passive Jump Clients check in whenever they detect a new console user and report the user’s name.
In order to use a passive Jump Client, the B Series Appliance must be able to initiate contact with the computer on which the passive Jump Client is installed. This requirement may necessitate that you modify firewall rules to allow incoming connections to the target computer through the configured listen port. By default, this port is 5832; this can be modified from the Jump > Jump Clients page.
Passive mode may best be used on internal systems rather than external ones, although with correct firewall configurations, it may be used in either implementation. The following table presents key differences between the two modes.
The maximum number of Jump Clients available to a RS Virtual Appliance is based on allocated resources. For more information, please see the RS Virtual Appliance Sizing Guidelines .