A jump server, jump host or jump box is a system on a network used to access and manage devices in a separate security zone. A jump server is a hardened and monitored device that spans two dissimilar security zones and provides a controlled means of access between them. The most common example is managing a host in a DMZ from trusted networks or computers.


Background

In the 1990s, when co-location facilities became more common, there was a need to provide access between dissimilar security zones. The jump server concept emerged to meet this need. The jump server would span the two networks and typically be used in conjunction with a proxy service such as SOCKS to provide access from an administrative desktop to the managed device. As SSH-based tunneling became common, jump servers became the de facto method of access.


Implementation

Jump servers are often placed between a secure zone and a DMZ to provide transparent management of devices on the DMZ once a management session has been established. The jump server acts as a single audit point for traffic and also a single place where user accounts can be managed. A prospective administrator must log into the jump server in order to gain access to the DMZ assets and all access can be logged for later audit.


Unix

A typical configuration is a hardened Unix (or Unix-like) machine configured with SSH and a local firewall. An administrator connects to a target machine in the DMZ by making an SSH connection from the administrator's personal computer to the jump server and then using SSH forwarding to access the target machine. Using an SSH tunnel to the target host allows the use of insecure protocols to manage servers without creating special firewall rules or exposing the traffic on the inside network.
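The client side of the arrangement just described, as an added example that is not part of the original article: a script that writes an OpenSSH client configuration in which every host matching a DMZ name pattern is reached only through the jump server (ProxyJump), and that builds the equivalent one-off commands, including a local port forward for an unencrypted management protocol. The jump server name jump.example.internal, the account admin, the host pattern dmz-* and the port numbers are constructed assumptions.

```shell
#!/bin/sh
# Added example (not from the article): OpenSSH client configuration for
# reaching DMZ hosts only via a jump server. Host names, user names, the DMZ
# pattern and ports are assumptions chosen for illustration.

# Emit a ~/.ssh/config fragment. Hosts matching the pattern (e.g. dmz-*) are
# reached via the jump server; the workstation never connects to the DMZ
# directly, so the DMZ firewall only needs to admit the jump server.
jump_client_config() {
    jump_host=$1      # jump server as seen from the trusted network
    jump_user=$2      # account on the jump server
    dmz_pattern=$3    # ssh_config Host pattern for the managed DMZ hosts
    cat <<EOF
Host jump
    HostName ${jump_host}
    User ${jump_user}
    IdentitiesOnly yes
    ForwardAgent no

Host ${dmz_pattern}
    ProxyJump jump
    User ${jump_user}
    IdentitiesOnly yes
    ForwardAgent no
EOF
}

# Same hop without a config file: -J relays the session through the jump server.
jump_command() {
    jump_host=$1; jump_user=$2; target=$3
    printf 'ssh -J %s@%s %s@%s\n' "$jump_user" "$jump_host" "$jump_user" "$target"
}

# Tunnel a management protocol that is itself unencrypted (constructed case:
# a web console on TCP 8080) through the jump server. The administrator then
# uses http://127.0.0.1:<local_port>/ and the traffic crosses the network
# inside SSH, which is the "insecure protocols" use case in the article.
tunnel_command() {
    jump_host=$1; jump_user=$2; target=$3; target_port=$4; local_port=$5
    printf 'ssh -N -L %s:%s:%s %s@%s\n' \
        "$local_port" "$target" "$target_port" "$jump_user" "$jump_host"
}

main() {
    cfg=$(mktemp)
    jump_client_config jump.example.internal admin 'dmz-*' > "$cfg"
    cat "$cfg"
    jump_command jump.example.internal admin dmz-web01
    tunnel_command jump.example.internal admin dmz-web01 8080 18080
    # If an OpenSSH client is installed, -G shows how it resolves dmz-web01
    # against this config without opening any connection.
    if command -v ssh >/dev/null 2>&1; then
        ssh -G -F "$cfg" dmz-web01 | grep -i '^proxyjump'
    fi
    rm -f "$cfg"
}

main "$@"
```

ProxyJump asks the jump server to open a direct-tcpip channel to the target, so the jump server's sshd must allow local TCP forwarding for the account; the administrator's key is never copied to the jump server, and ForwardAgent stays off so a compromised jump server cannot borrow the workstation's agent.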


Windows

A typical configuration is a Windows server running Remote Desktop Services that administrators connect to; this isolates the secure infrastructure from the configuration of the administrator's workstation. It is also possible to enable the OpenSSH server on Windows 10 (build 1809 and later) and on Windows Server 2019 and 2022.


Security risks

A jump server is a potential risk in a network's design. There are several ways of improving the security of the jump server, including:

* Properly subnetting / segmenting the network, and securing VLANs using a firewall or router.
* Using higher security authentication, such as multi-factor authentication.
* Keeping the operating system and software on the jump server up to date.
* Using ACLs to restrict access.
* Not allowing outbound access to the rest of the internet from the jump server.
* Restricting which programs can be run on the jump server.
* Enabling strong logging for monitoring and alerting of suspicious activity.

With the high level of risk that a jump server can represent, a VPN may be a suitable and higher security replacement. In 2015, a compromised jump server allowed attackers access to over 21.5 million records in one of the largest breaches of government data in the history of the United States.
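Several items in the list above (restricting which programs can run, ACLs on access, no outbound internet, multi-factor authentication, strong logging) map directly onto OpenSSH and firewall settings on a Unix jump server. The following script is an added example, not from the article: it generates an sshd_config fragment that turns the administrators' accounts into relay-only accounts, and an nftables egress ruleset that lets the host reach only the DMZ and an internal log collector. The group name dmz-admins, the DMZ host names and addresses, and the collector address are constructed assumptions; the option names are real OpenSSH and nftables keywords.

```shell
#!/bin/sh
# Added example (not from the article): server-side hardening of an OpenSSH
# jump server. Group name, DMZ hosts/addresses and collector address are
# assumptions; all sshd_config and nft keywords used here are real ones.

# sshd_config fragment (append to /etc/ssh/sshd_config). Members of the admin
# group may only use the host as a relay: ProxyJump / ssh -W opens a
# direct-tcpip channel and needs neither a shell nor a TTY, so both are
# denied, and PermitOpen acts as the ACL on what the relay may reach.
# Usage: jump_sshd_config <group> <dmz-host> [<dmz-host> ...]
jump_sshd_config() {
    admin_group=$1; shift
    targets=""
    for h in "$@"; do
        # PermitOpen compares the host string the client asked for, so the
        # client must request exactly these names (no aliases or bare IPs).
        targets="${targets}${targets:+ }${h}:22"
    done
    cat <<EOF
# Audit: VERBOSE records key fingerprints and each forwarding request
LogLevel VERBOSE
PermitRootLogin no
PasswordAuthentication no
# MFA: public key plus a second factor supplied through PAM (e.g. a TOTP module)
UsePAM yes
KbdInteractiveAuthentication yes
AuthenticationMethods publickey,keyboard-interactive
X11Forwarding no
AllowAgentForwarding no
PermitTunnel no
GatewayPorts no
AllowGroups ${admin_group}

Match Group ${admin_group}
    # Relay only: no interactive shell and no programs run on the jump server
    ForceCommand /bin/echo "This jump server accepts ProxyJump connections only"
    PermitTTY no
    AllowTcpForwarding local
    # ACL: the relay may open connections only to these DMZ hosts on SSH
    PermitOpen ${targets}
EOF
}

# nftables egress policy (e.g. /etc/nftables.conf): drop everything the host
# itself originates except relayed SSH into the DMZ and syslog to the
# trusted-zone collector, and log what was refused. Nothing reaches the
# internet from the jump server.
# Usage: jump_egress_ruleset <dmz-cidr> <log-collector-ip>
jump_egress_ruleset() {
    dmz_cidr=$1; collector=$2
    cat <<EOF
table inet jumphost {
    chain output {
        type filter hook output priority 0; policy drop;
        oif lo accept
        ct state established,related accept
        # Relayed administrative sessions into the DMZ
        ip daddr ${dmz_cidr} tcp dport 22 accept
        # Log forwarding to the collector in the trusted zone (syslog / syslog-TLS)
        ip daddr ${collector} tcp dport { 514, 6514 } accept
        log prefix "jumphost-egress-denied " drop
    }
}
EOF
}

main() {
    printf '### sshd_config fragment\n'
    jump_sshd_config dmz-admins dmz-web01 dmz-db01
    printf '\n### nftables ruleset\n'
    jump_egress_ruleset 10.10.20.0/24 10.10.10.5
}

main "$@"
```

Before reloading, `sshd -t -f <file>` checks the sshd fragment and `nft -c -f <file>` checks the ruleset without applying it. Patch downloads and name resolution need their own narrow egress rules (an internal mirror and resolver), not a general internet allowance; with this policy in place, any "jumphost-egress-denied" log line is itself a useful alert, since a correctly used relay host has no reason to originate other traffic.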


See also

* Bastion host
* Proxy server


External links

* Roland Mathis, "Installation of a Secure User-Chrooted SSH Jumphost", GIAC, 2004-09-20 (PDF): http://www.giac.org/paper/gcux/266/installation-secure-user-chrooted-ssh-jumphost/106535 (accessed 2019-06-12)