Clever Geek Handbook

Installation server

An installation server (install server, jump server, jump host or jumpbox) is a specially designated computer on the network used to access devices in the organization's demilitarized zone (DMZ). It is most often used to manage nodes in the DMZ from trusted networks or computers.

The installation server is a secure and monitored computer that sits in two different security zones and serves as a controlled means of access between them. User access rights to it should be strictly limited and controlled.

Background

In the 1990s, as the concept of a demilitarized zone spread, the need arose to provide access between different security zones. The installation server appeared to satisfy this need and is usually used in conjunction with proxy services to provide access from the administrator's computer to the managed device. Because SSH tunneling was widespread, installation servers became the de facto access method.

Implementations

The installation server is usually placed between the protected (secure) zone and the DMZ, so that devices in the DMZ can be managed once the administrator has connected to the installation server. The installation server acts as a single point of traffic control, as well as a single place where user accounts can be managed. The administrator must log in to the installation server to gain access to the resources of the DMZ, and all of the administrator's actions are recorded and can be reviewed later.

UNIX

A typical UNIX (and UNIX-like) configuration includes SSH and a local firewall. The administrator connects to the target device in the DMZ by creating an SSH connection from the administrator's PC to the installation server and then forwarding the SSH tunnel to the target device. This is usually described as forwarding SSH (SSH forwarding) to the target device. Creating an SSH tunnel to the target device makes it possible to use insecure protocols for server management without creating special firewall rules or providing access to the organization's internal network.

Windows

A typical Windows Server configuration includes RDP services that provide administrators with access to its desktop. A Windows Server administrator can start an RDP session inside another RDP session and thus gain access to the target Windows Server located in the DMZ.

Security Risks

The installation server poses potential risks; however, there are methods to increase the security of its operation:

  • Reducing the size of each subnet by increasing the number of subnets, and protecting the resulting VLANs with a firewall or router
  • Using access control with a higher level of security, such as multi-factor authentication
  • Keeping the OS and software running on the installation server up to date
  • Using access control lists to restrict access to only those users who need it
  • Prohibiting outgoing access from the installation server to the Internet
  • Restricting the list of applications that the user can run on the installation server (the so-called "white" list)
  • Introducing strict logging of user actions on the installation server
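
For the UNIX setup described above, several of these measures can be checked directly in the installation server's `sshd_config`. The following is an added example, not part of the original article: a small audit that reports which measures a configuration does not enforce. The mapping of each measure to an OpenSSH keyword, the measure names, and the sample configurations (addresses and group name included) are assumptions made for illustration.

```python
import shlex

# Constructed sshd_config samples for an installation server (not from a real host).
WEAK = """\
PasswordAuthentication yes
AuthenticationMethods publickey publickey,keyboard-interactive
LogLevel INFO
"""
HARDENED = """\
AllowGroups dmz-admins
AuthenticationMethods publickey,keyboard-interactive:pam
LogLevel VERBOSE
PermitOpen 10.0.5.10:22 10.0.5.11:22   # only these DMZ targets may be tunnelled to
"""

def parse_global(text):
    """Map lower-cased keyword -> arguments for the global section only.
    sshd keeps the first value it reads for a keyword; Match blocks are not evaluated."""
    settings = {}
    for line in text.splitlines():
        parts = shlex.split(line, comments=True)
        if not parts:
            continue
        if parts[0].lower() == "match":
            break
        settings.setdefault(parts[0].lower(), parts[1:])
    return settings

def enforces_mfa(method_lists):
    """Each space-separated list is an alternative, so multi-factor holds only
    if every alternative requires at least two distinct methods."""
    def distinct(lst):
        return {m.split(":")[0] for m in lst.split(",")}
    return bool(method_lists) and all(len(distinct(l)) >= 2 for l in method_lists)

def audit(text):
    """Return the names of the measures this configuration does not enforce."""
    cfg = parse_global(text)
    missing = []
    if not (cfg.get("allowusers") or cfg.get("allowgroups")):
        missing.append("access-control-list")
    if not enforces_mfa(cfg.get("authenticationmethods", [])):
        missing.append("multi-factor")
    if cfg.get("loglevel", ["INFO"])[0].upper() not in {"VERBOSE", "DEBUG", "DEBUG1", "DEBUG2", "DEBUG3"}:
        missing.append("action-logging")
    if cfg.get("permitopen", ["any"])[0].lower() == "any":
        missing.append("forwarding-scope")
    return missing
```

In `WEAK`, the bare `publickey` alternative lets a single key satisfy authentication, which is why the multi-factor check fails even though a two-method list is also present.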

See also

  • Demilitarized zone
  • Firewall
  • Proxy server
  • Bastion host
Source - https://ru.wikipedia.org/w/index.php?title=Installyatsionnyy_server&oldid=102240749


Clever Geek | 2019