Requirements and Considerations to Install a Jumpoint
A Jumpoint-facilitated Bomgar session involves three computers:
- The support representative's system
- A Windows computer that hosts the Jumpoint
- The unattended Windows computer targeted for remote control
- The administrator deploying the Jumpoint must have administrative rights on the computer hosting the Jumpoint.
- The support representative must have administrative rights to the target computer.
- In the Bomgar administrative interface, one or both of the following conditions must be true:
- The representative must have the account permission Allowed Jump Methods: Local Jump on the local network.
- The representative must have the account permission Allowed Jump Methods: Remote Jump via a Jumpoint and must be granted access to one or more Jumpoints, either individually, via group policy, or via embassy group.
The main objective of any Bomgar administrator should be to ensure the integrity of the Bomgar deployment. The simpler and more clear-cut a Bomgar deployment is, the easier it is to maintain a level of integrity that is in line with your company's security objectives. When deploying a Jumpoint on a remote network, another layer of complexity is introduced to your deployment. Therefore, Bomgar recommends using a dedicated resource for a Jumpoint in order to decrease any potential security risks, increase availability, and reduce management complexity.
If a dedicated resource is not readily available, there are several factors to take into consideration before deciding to use a shared resource as a Jumpoint host. When using a shared resource, the Bomgar administrator must be aware of everything for which the shared resource is used. For example, the Bomgar administrator would need to identify and control any unwanted changes to or repurposing of the resource by other groups, especially in large organizations.
There are many other variables that are unique to any given network or business environment. The questions below are provided to encourage a proactive approach before pursuing the use of a shared resource as a Jumpoint host. Bomgar encourages adding your own list of pros and cons before deploying a Jumpoint on a shared resource.
- Who has access to this resource?
- Are file shares accessible on this resource?
- Are there group policies in place that may restrict Jumpoint functionality?
- What is the risk of virus infection or malware due to multi-user access?
- What is the risk of another user's changing the system permissions or deleting needed files?
- What other programs will be competing for resources such as disk space, processor availability, bandwidth, and disk access?
- Will the resource be available at all times? How critical is on-demand access?
- What is the risk of permission modification on file shares?
- Will this resource be used frequently for print jobs? Large or frequent print jobs can consume a large amount of resources, adversely affecting Jumpoint performance.
- How critical is availability? What is the risk of the Jumpoint not being available?
- How frequently will this Jumpoint be used?
- What is the potential number of Jump sessions that will need to be run through this Jumpoint at the same time?
- Will shared responsibility of this resource across different departments increase complexity?