# What is a Jump Server? (Bastion Host)

## Метаданные

- **Канал:** PowerCert Animated Videos
- **YouTube:** https://www.youtube.com/watch?v=mwQBqhDS7z8

## Содержание

### [0:00](https://www.youtube.com/watch?v=mwQBqhDS7z8) Segment 1 (00:00 - 05:00)

What is a jump server? So that is the topic of this video. Now a jump server is a server that allows you to securely access other servers or networks in a more limited security zone. It operates as a gateway letting you access servers in a private network while keeping them safe from direct access from the outside. So for example, let's say that you own a business and this business will have a network with database servers that contain sensitive information. And because you want to keep these servers secure, they won't have access to the internet. They are only available internally for you and your employees. Now, accessing these servers from inside the company wouldn't be a problem because you're inside the company. You would just access them directly. But what if you as the owner were outside the company in a different geographical location and you wanted to access and manage your servers remotely? Now, one way you can do this is that you could give your servers internet access by opening up their network ports and making them accessible from the outside. But by doing this, this would open up your servers to the internet and could make them vulnerable to hackers that could access them. But a better option would be by using a jump server. server, it will act as a gateway for you to access your servers. So instead of giving your internal servers access to the internet, you would only give one device, which is the jump server, internet access. So, if you wanted to manage your servers remotely, you would first connect to the jump server using protocols such as SSH for Linux or RDP if you're using Windows. And then from the jump server, you would access your servers using the same protocols. So, basically, it acts like a stepping stone to access private servers in a network. Hey guys, if you're watching my videos, you're obviously interested in learning. That's why I want to tell you about Brilliant. Brilliant is an online learning center where you can learn and master concepts designed for kids and adults ages 10 to 110. But what makes Brilliant different is that it makes learning fun and effective because you're not just watching a lecture or reading text, but instead you're involved in doing the exercises yourself, which makes complex ideas easy to grasp. So for example, are you interested in learning AI? Brilliant has a number of lessons that will take you under the hood of AI and will give you an understanding of how it works. From learning biograms, language models, and editing facial expressions, Brilliant will give you the foundational skills and learning one of the highest trending technologies in the world today. And to learn for free on Brilliant for a full 30 days, go to brilliant. org/p org/powersert. Scan the QR code on the screen or click on the link in the description. And Brilliant's also given my viewers 20% off an annual premium subscription, which gives you unlimited daily access to everything on Brilliant. So, what are the benefits of using a jump server? Well, the first benefit is that it reduces the number of ways that hackers can get in. Because instead of giving all your servers internet access, you're only going to give one device, which is the jump server, internet access, and you can concentrate on hardening and securing that single device only instead of multiple devices. Another benefit is centralized access and management. Because since all traffic for remote access will go through the jump server, it'll make it easier to enforce policies, handle users, and verify identities. So, it makes it easier to control who can access what and manage those rights. And another benefit is monitoring because a jump server can log all user activity and traffic. Now you can set up a jump server as either a physical machine or a virtual machine. To set up a physical jump server, you need to get a physically small server or PC and then place it in a secure location. And then you would install an operating system such as Linux or Windows server. And then you also need to be sure not to install any additional unnecessary software because the more software you install, the more vulnerable the server will be from a cyber attack. So the jump server would be placed outside the firewall and then the firewall would be configured with rules that only allows incoming connections from the jump server and nothing else. Then you would assign it a

### [5:00](https://www.youtube.com/watch?v=mwQBqhDS7z8&t=300s) Segment 2 (05:00 - 07:00)

public IP address, set up security accounts and security measures such as MFA, and configure remote access ports such as SSH or RDP, which is what is typically used for jump servers. And for extra security, you can also add another firewall and place it on the other side of the jump server and create a DMZ or demilitarized zone. A DMZ is a subn network that sits between the public network and the private network. And its purpose is to help improve the security of a private network by creating a neutral zone. So if a cyber attack happened, the jump server in the DMZ would act as a buffer to absorb the attack and prevent it from accessing the private network. So another question is well how does a jump server differ from a VPN? Well both of these are used to securely access devices in a network remotely but the difference is that a VPN doesn't use an intermediate device like a jump server. It accesses a network directly using a secure encrypted tunnel. And to create this tunnel, it requires more complex configurations and you have to configure the VPN on both the client side and server side. And a VPN is typically used for general work purposes such as employees who work remotely and they want to access network resources as if they were in the same building. But a jump server is more precise. It's not only used to access information on servers, but it's also used when you want to specifically manage those servers in a network. So guys, I want to thank you for watching this video on jump servers. Please subscribe, leave a comment, and I will see you in the next video.

---
*Источник: https://ekstraktznaniy.ru/video/30215*