Use Jump Items to Access Endpoints in the Privileged Web Access Console

Privileged Web Access Console Interface

Frequently Used Jump Items

 

To access an endpoint, install a Jump Item on that system from the Jump Clients page of the /login administrative interface.

Jump Items are listed in Jump Groups. If you are assigned to one or more Jump Groups, you can access the Jump Items in those groups, with the permissions assigned by your admin.

Your personal list of Jump Items is primarily for your individual use, although your team leads, team managers, and users with permission to see all Jump Items may have access to your personal list of Jump Items. Similarly, if you are a team manager or lead with appropriate permissions, you may see team members' personal lists of Jump Items. Additionally, you may have permission to access Jump Items in Jump Groups you do not belong to and personal Jump Items for non-team members.

There are three ways that you can begin accessing endpoints:

  • Locate and select an endpoint from the My Jump Groups list.
  • Choose a Jump Group and select an endpoint from that group's listing of endpoints.
  • Select a session from the Frequently Used Jump Items list.

Note: The Frequently Used Jump Items list displays all of the Jump Items that you access on a regular basis. To start a session with a frequented item, hover your mouse over the session and click Start Session.

To begin accessing Jump Items, follow the steps outlined below:

Refresh All Button for Jump Items Jump Item Information

 

  1. Select a location and click on the Refresh All button.

  2. A list of all Jump Items populates, and you can review details about the Jump Item, including: Name, Method, Group, Status, and Last Accessed. To review more details about the Jump Item, click on the plus sign beside the Jump Item's name.
  3. Click the JUMP button to start a session with the endpoint.

End-User and Third-Party Authorization

Depending on the configuration of Jump Items within the /login administrative interface, a Jump Item may have a Jump Policy associated with it, and the policy may define an authorization component that forces you to request permission from a third-party or an administrator before you are able to start an access session with the Jump Item. To learn more about how to configure third party and end-user notifications and approval, please see Jump Policies: Set Schedules, Notifications, and Approval for Jump Items.

Prompt Asking for the Reason for Access

  1. After you have clicked the JUMP button and requested access, a prompt appears, and you are required to enter a reason for wanting to access the system.
  2.  

    Prompt that Show the Duration of Access

  3. Next, you must indicate when and for how long you will be accessing the system.
  4. Once the request has been submitted, the third party or person responsible for approving access requests is alerted through an email notification and has the opportunity to accept or deny the request. Although other approvers can see the email address of the person who approved or denied the request, the requester cannot.
  5.  

    Authorization Denial Message

  6. After permission has been determined, an authorization notification appears within the Jump Item's information displaying either "approved" or "denied." If access is granted, you can tap the Jump button to begin accessing the system.
  7.  

    Access Prompt

  8. Then you are presented with a message asking if you would like to begin an access session.
  9. If you choose to begin the session, the approving party's comments appear, and you can begin accessing the system.

 

Signing on with Credentials from the Credential Store

Automatic Log On Credentials

Credentials from the Endpoint Credential Manager can be used for RDP and for performing Remote Jump. If a user selects to Jump to a Remote Jump or Remote RDP and no automatic log on credentials are available, a username and password must be entered into the prompt before the access session can begin with the endpoint. If the /login administrative interface has been configured with automatic log on credentials and returns only one set of credentials as being available for a particular user and Jump Item, the credential request is skipped, and the single credential is used to start the session. If there is more than one credential configured in the /login administrative interface, the user has the choice either to choose credentials from the credential store or to enter their own credentials manually. For more information on credential configuration and management, please see Security: Manage Security Settings.