Sponsored Links

Kamis, 19 April 2018

Sponsored Links

Cloud POC | Boobboo's Blog | Page 2
src: boobboo.files.wordpress.com

A jump server or jump host or jumpbox or secure administrative host is a (special-purpose) computer on a network typically used to manage devices in a separate security zone. The most common example is managing a host in a DMZ from trusted networks or computers.


Video Jump server



Background

In the 1990s when co-location facilities became more common there was a need to provide access between dissimilar security zones. The jump server concept emerged to meet this need. The jump server would span the two networks and typically be used in conjunction with a proxy service such as SOCKS to provide access from an administrative desktop to the managed device. As SSH tunneling became common, jump servers became the de facto method of access.


Maps Jump server



Definition

A jump server is a hardened and monitored device that spans two dissimilar security zones and provides a controlled means of access between them. User access should be tightly controlled and monitored.


You Need to Rethink that “Jump Server.” | Don Jones
src: defaultcustomheadersdata.files.wordpress.com


Implementation

Jump servers are typically placed between a secure zone and a DMZ to provide transparent management of devices on the DMZ once a management session has been established. The jump server acts as a single audit point for traffic and also a single place where user accounts can be managed. A prospective administrator must log into the jump server in order to gain access to the DMZ assets and all access can be logged for later audit.

Unix

A typical configuration is a hardened Unix (or Unix-like) machine configured with SSH and a local firewall. An administrator connects to a target machine in the DMZ by making an SSH connection from the administrator's personal computer to the jump server and then using SSH forwarding to access the target machine.

Using an SSH tunnel to the target host allows the use of insecure protocols to manage servers without creating special firewall rules or exposing the traffic on the inside network.

Windows

A typical configuration is a Windows server running Remote Desktop Services that administrators connect to, this isolates the secure infrastructure from the configuration of the administrators workstation.


Azure Resource Manager, Citrix Cloud & Hybrid Deployment … OH MY ...
src: www.citrix.com


Security risks

A jump server is a potential risk in a network's design. There are several ways of improving the security of the jump server, including:

  • Reducing the subnet size (increasing the number of subnets), and securing those VLANs using a firewall or router.
  • Using higher security authentication, such as multi-factor authentication.
  • Keeping the operating system and software on the jump server up to date.
  • Using ACLs to restrict access to only the people that require it.
  • Do not allow outbound access to the rest of the internet from the jump server.
  • Restrict which programs can be run on the jump server.
  • Enable strong logging.

With the high level of risk that a jump server can represent, a VPN may be a suitable and higher security replacement.


Isolation, Control & Monitoring in Next Generation Jump Servers
src: www.cyberark.com


See also

  • DMZ
  • Firewall
  • Hardening
  • Proxy server
  • Bastion host
  • Stepping stone server

CS 1.6 Jump Server Bhop Master - YouTube
src: i.ytimg.com


References

  • http://www.atsec.de/fileadmin/user_upload/whitepaper/ISSE_2009-Secure_network_zones-Peter_Wimmer.pdf
  • http://www.giac.org/paper/gcux/266/installation-secure-user-chrooted-ssh-jumphost/106535

Source of the article : Wikipedia

Comments
0 Comments