Doing RDP Connections through a Jumpoint (Remote Desktop Protocol) - BeyondTrust Snacks
Hi, my name is Adam White, director of technical marketing with BeyondTrust. Today, we're going to take a look at RDP connections through a jump point. Just as a reminder, a jump point is a client type that you can install on a remote network on a Windows or Linux system, and it can facilitate these types of connections that you see on the right-hand side: RDP, VNC, SSH or Telnet, Web Jump and protocol tunneling.
Today we'll look at RDP, and RDP uses port 3389. So in the case of a jump point, you only have to open 3389 between a system that you're designating as a target, a system that you want technicians to be able to access. So 3389 needs to be opened between that system and the jump point. But it's not necessary that the RDP connection or the 3389 connection be open inside of that network otherwise.
And one reason that you might not want to open 3389 broadly is to keep down leapfrogging from system to system, right? So if I gave a technician access to RDP server 1, I might not want them to have access to RDP server 2. If I left 3389 open, then you could just RDP to the first server and RDP to the second server from that device.
So the jump point really helps you be strategic about how you're leveraging port traffic inside of the network, as well as allowing just a convenient method to connect to these systems and one that captures an audit trail. So let's take a look at what this looks like for a technician.
I'll just bring onto my screen the BeyondTrust Privileged Remote Access access console. And we can take a look at the list of devices that this technician has access to or the ability to access. So we can see the jump method is remote RDP. We can see over here, in some of the details, that the jump point is server access. One of the great things about this is the technician doesn't need to know that; it's here for their information, but it's not a prerequisite for them connecting to this device.
It's a part of the configuration that the administrator set up. And all the technician needs to know is what device they want access to, and they would double-click this line. I have already created a connection to this device. And we can see that here in this tab.
So screen sharing is certainly a part of the equation here with this system. I would also have the ability to bring in other technicians, share or transfer the session if need be. And as I mentioned previously, all of the interaction that occurs with this device is logged on the appliance.
So you would be able to go in and see a full audit log, not only for your own kind of ability to see what's happening inside of your environment, but to show compliance, to show auditors that these connections are happening, what's occurring inside of these sessions.
And you have that peace of mind that audit trail exists. If you have any questions about this, please don't hesitate to reach out to BeyondTrust sales. Check out our website and thank you so much for your time today. We appreciate it.
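The port 3389 scoping described in the video can be checked against a rule set. The following is an added example, not part of the video or any BeyondTrust tooling: it audits a set of allow rules for target-to-target RDP paths (the "leapfrogging" case) and compares a broad rule with one scoped to the jump point. Host names, addresses and the rule format are constructed for illustration.

```python
import ipaddress
from collections import deque

RDP_PORT = 3389

# Constructed inventory: names and addresses are placeholders.
HOSTS = {
    "jumpoint": "10.0.5.10",
    "rdp-server-1": "10.0.1.11",
    "rdp-server-2": "10.0.1.12",
}

# Constructed allow rules: (source CIDR, destination CIDR, TCP port).
BROAD_RULES = [("10.0.0.0/16", "10.0.1.0/24", RDP_PORT)]    # 3389 open network-wide
SCOPED_RULES = [("10.0.5.10/32", "10.0.1.0/24", RDP_PORT)]  # 3389 only from the jump point


def rdp_allowed(rules, src, dst):
    """True if any allow rule permits TCP 3389 from host src to host dst."""
    s = ipaddress.ip_address(HOSTS[src])
    d = ipaddress.ip_address(HOSTS[dst])
    return any(
        port == RDP_PORT
        and s in ipaddress.ip_network(src_net)
        and d in ipaddress.ip_network(dst_net)
        for src_net, dst_net, port in rules
    )


def reachable_by_rdp(rules, start):
    """Hosts reachable from start by chaining RDP hops (breadth-first search)."""
    seen, queue = {start}, deque([start])
    while queue:
        current = queue.popleft()
        for host in HOSTS:
            if host not in seen and rdp_allowed(rules, current, host):
                seen.add(host)
                queue.append(host)
    return seen - {start}


def leapfrog_pairs(rules, jumpoint="jumpoint"):
    """Direct target-to-target RDP paths that bypass the jump point."""
    targets = [h for h in HOSTS if h != jumpoint]
    return sorted((a, b) for a in targets for b in targets
                  if a != b and rdp_allowed(rules, a, b))


if __name__ == "__main__":
    for name, rules in (("broad", BROAD_RULES), ("scoped", SCOPED_RULES)):
        print(name, leapfrog_pairs(rules), sorted(reachable_by_rdp(rules, "rdp-server-1")))
```

An empty result from `leapfrog_pairs` means a technician granted RDP server 1 has no 3389 path from it to RDP server 2.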