Privileged Remote Access 223 Access Console User Guide
1686138409
File Name: pra-access-console.pdf
File Size: 4.94 MB
File Type: Application/pdf
Last Modified: 8 months
Status: Available
Last checked: 7 days ago!
This Document Has Been Certified by a Professional
100% customizable
Language: English
We recommend downloading this file onto your computer
Summary
Privileged Remote Access 22.3 Access Console User Guide©2003-2022 BeyondTrust Corporation. All Rights Reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust is not a chartered bank or trust company, or TC:9/2/2022depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority
PRIVILEGED REMOTE ACCESS 22.3 ACCESS CONSOLE USER GUIDE Table of Contents BeyondTrust Access Console 5 Install the Access Console 6 Log into the PRA Access Console 7 Access Console User Interface 9 Change Settings and Preferences in the Access Console 10 Changing Settings 10 Jump Interface: Use Jump Items to Access Remote Systems 14 Copy Jump Items 14 Jump to a Jump Item 14 Use Jump Clients to Access Remote Endpoints 19 Use a Jump Client 19 Sort Jump Clients 19 Search for a Jump Client 19 Jump Client Details Pane 19 Wake-On-Lan (WOL) 20 Copy Jump Items 21 Jump Client Properties 21 Use Remote Jump for Unattended Access to Computers on a Separate Network 23 Create a Remote Jump Shortcut 23 Use a Remote Jump Shortcut 24 Use Local Jump for Unattended Access to Computers on Your Local Network 25 Create a Local Jump Shortcut 25 Use a Local Jump Shortcut 26 Use RDP to Access a Remote Windows Endpoint 27 Create an RDP Shortcut 27 Inject Credentials 28 Use an RDP Shortcut 30 Use VNC to Access a Remote Windows Endpoint 31 Create a VNC Shortcut 31 Use a VNC Shortcut 31 Use a Protocol Tunnel Jump to Make a TCP Connection to a Remote System 33SALES: www.beyondtrust.com/contact SUPPORT: www.beyondtrust.com/support DOCUMENTATION: www.beyondtrust.com/docs 2©2003-2022 BeyondTrust Corporation. All Rights Reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust is not a chartered bank or trust company, or TC: 9/2/2022depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority
PRIVILEGED REMOTE ACCESS 22.3 ACCESS CONSOLE USER GUIDE Create a Protocol Tunnel Jump Shortcut 33 Use a Protocol Tunnel Jump Shortcut 34 Stipulations to Correct Functioning 34 Use Shell Jump to Access a Remote Network Device 36 Create a Shell Jump Shortcut 36 Use a Shell Jump Shortcut 37 Use Credential Injection with SUDO on a Linux Endpoint 39 Use a Web Jump to Access Web Services 40 Create a Web Jump Shortcut 40 Use a Web Jump Shortcut 42 Use Credential Injection 43 Access Toolset 44 Access Session Overview and Tools 44 Session Tools 45 Log Into Remote Systems Using Credential Injection from the Access Console 46 Install and Configure the Endpoint Credential Manager 46 System Requirements 46 Configure a Connection to Your Credential Store 48 Use Credential Injection to Access Remote Systems 49 Choose from Favorite Credentials for Injection 50 Check Out and Check In Vault Credentials 50 Control the Remote Endpoint with Screen Sharing 51 Screen Sharing Options 51 Screen Sharing Tools 52 Use Annotations to Draw on the Remote Screen of the Endpoint 54 Enabling Annotations 54 View Multiple Monitors on the Remote Endpoint 56 Using the Display Icon 56 RDP Session Multi-Monitor Support 57 Using the Displays Tab 57 File Transfer to and from the Remote Endpoint 58 File Transfer Tools 58 Open the Command Shell on the Remote Endpoint Using the Access Console 60SALES: www.beyondtrust.com/contact SUPPORT: www.beyondtrust.com/support DOCUMENTATION: www.beyondtrust.com/docs 3©2003-2022 BeyondTrust Corporation. All Rights Reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust is not a chartered bank or trust company, or TC: 9/2/2022depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority
PRIVILEGED REMOTE ACCESS 22.3 ACCESS CONSOLE USER GUIDE Command Shell Tools 60 View System Information on the Remote Endpoint 62 System Information Tools 63 Access the Registry Editor on the Remote Endpoint 64 Registry Editor Tools 64 Session Management and Team Collaboration 66 View Active Access Sessions 66 Use the Dashboard to Administer Team Members 67 Chat with Other Users 68 Share your Screen with Another User 69 Share My Screen Tools 69 Share a Session with Other Users 71 Chat with Other Users During a Shared Session 72 Use Extended Availability to Remain Accessible when Not Logged In 73 Email Notification & Invitation 73 Invite an External User to Join an Access Session 74 Ports and Firewalls 75SALES: www.beyondtrust.com/contact SUPPORT: www.beyondtrust.com/support DOCUMENTATION: www.beyondtrust.com/docs 4©2003-2022 BeyondTrust Corporation. All Rights Reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust is not a chartered bank or trust company, or TC: 9/2/2022depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority
PRIVILEGED REMOTE ACCESS 22.3 ACCESS CONSOLE USER GUIDE BeyondTrust Access Console This guide is designed to help you install the BeyondTrust access console onto your computer and understand the features of the solution
BeyondTrust Privileged Remote Access enables you to access remote endpoints by connecting to them through the BeyondTrust Appliance B Series
Use this guide only after an administrator has performed the initial setup and configuration of the B Series Appliance as detailed in the BeyondTrust Appliance B Series Hardware Installation Guide. Once BeyondTrust is properly installed, you can begin accessing your endpoints immediately. Should you need any assistance, please contact BeyondTrust Technical Support at www.beyondtrust.com/support
SALES: www.beyondtrust.com/contact SUPPORT: www.beyondtrust.com/support DOCUMENTATION: www.beyondtrust.com/docs 5©2003-2022 BeyondTrust Corporation. All Rights Reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust is not a chartered bank or trust company, or TC: 9/2/2022depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority
PRIVILEGED REMOTE ACCESS 22.3 ACCESS CONSOLE USER GUIDE Install the Access Console In any web browser, go to the URL of your B Series Appliance followed by /login and enter the username and password set by your administrator. You may be prompted to change your password the first time you log in
From the My Account page, download and install the BeyondTrust access console. The option defaults to the appropriate installer for your operating system
Note: On a Linux system, you must save the file to your computer and then open it from its downloaded location. Do not use the Open link that appears after downloading a file from some browsers
When the installation wizard appears, follow the instructions to install the software. After installing the access console, you can choose Run BeyondTrust Access Console Now and/or Run at Startup. Then click Finish
Note: If you choose Run BeyondTrust Access Console Now during installation, a login prompt appears on your screen
SALES: www.beyondtrust.com/contact SUPPORT: www.beyondtrust.com/support DOCUMENTATION: www.beyondtrust.com/docs 6©2003-2022 BeyondTrust Corporation. All Rights Reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust is not a chartered bank or trust company, or TC: 9/2/2022depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority
PRIVILEGED REMOTE ACCESS 22.3 ACCESS CONSOLE USER GUIDE Log into the PRA Access Console After installing the BeyondTrust console, launch the access console from its directory location as defined during installation
Note: By default, in Windows, you can access the console from Start Menu > All Programs > Bomgar > access.example.com, where access.example.com is the hostname of the site from which you downloaded the console
If the Login Agreement has been enabled, you must click Accept to proceed
At the prompt, enter your username and password
If two-factor authentication is enabled for your account, enter the code from the authenticator app
Note: If more than one language is enabled for your site, select the language you want to use from the dropdown menu
Note: Users who receive email codes to log in are automatically upgraded to two-factor authentication (2FA), although they may continue to use email codes until they register an app. Once they begin to use 2FA, the email code option is permanently disabled
Alternatively, if your administrator has configured a Kerberos server to enable single sign-on, you can log into the console without entering your credentials. The access console remembers the last used login mechanism, whether it used local credentials, Kerberos, or another security provider
Invited users can also enter a session key to join a shared session on a one-time basis
Check Enable Saved Logins to have the console save your username and password. This option can be enabled or disabled from /login > Management > Security
Once you log in, the console opens, and a BeyondTrust icon appears in your computer's system tray
Note: Your administrator may require you to be on an allowed network to log in to the console. This network restriction may apply the first time you log in or every time. This restriction does not apply to access invites
SALES: www.beyondtrust.com/contact SUPPORT: www.beyondtrust.com/support DOCUMENTATION: www.beyondtrust.com/docs 7©2003-2022 BeyondTrust Corporation. All Rights Reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust is not a chartered bank or trust company, or TC: 9/2/2022depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority
PRIVILEGED REMOTE ACCESS 22.3 ACCESS CONSOLE USER GUIDE Note: If you forget your password, go to /login and click the Forgot Your Password? link. This is an option that is set by your administrator. If you do not have this option, please contact your administrator
If you lose your connection, the access console attempts to reconnect for 60 seconds. If your connection is restored within this time, your access console reopens, restoring all of your open sessions. If the connection cannot be restored within this time, you are prompted to retry login or quit
If you are logged into the access console in one location and then log in from another, your open sessions are maintained
Note: To log in with an account already in use and forcibly close the connection on the other system, the setting Terminate Session If Account Is In Use must be checked on the /login > Management > Security page
After an upgrade or at first launch of the desktop access console, a What's New dialog appears automatically upon login for all non- invited users. This dialog may be viewed at any time through the Help menu (Help > What's New) and shows new release information for current and past releases. This is a roaming preference per account, so the dialog appears just once regardless where a user signs in from
For more information, please see the following: l On setting up the login agreement, please see Site Configuration: Set HTTP Ports, Enable Prerequisite Login Agreement at https://www.beyondtrust.com/docs/privileged-remote-access/getting-started/admin/site- configuration.htm l On invited users, "Invite an External User to Join an Access Session" on page 74SALES: www.beyondtrust.com/contact SUPPORT: www.beyondtrust.com/support DOCUMENTATION: www.beyondtrust.com/docs 8©2003-2022 BeyondTrust Corporation. All Rights Reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust is not a chartered bank or trust company, or TC: 9/2/2022depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority
PRIVILEGED REMOTE ACCESS 22.3 ACCESS CONSOLE USER GUIDE Access Console User Interface The access console contains several panels, providing tools and information about sessions
Sessions: Manage multiple remote sessions at the same time
Queues: Queues list sessions currently running as well as requests to share sessions with any member of a team. Details about the remote system being accessed appear in this section
Dashboard: Privileged users can view and monitor ongoing sessions and teammates of a lower role, providing administrative oversight to help manage staff
Jump Item Interface: Installed Jump Clients and Jump shortcuts appear here, grouped according to who can access them
Chat: Chat with other logged in users. You also can share your screen with a team member without requiring a session
SALES: www.beyondtrust.com/contact SUPPORT: www.beyondtrust.com/support DOCUMENTATION: www.beyondtrust.com/docs 9©2003-2022 BeyondTrust Corporation. All Rights Reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust is not a chartered bank or trust company, or TC: 9/2/2022depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority
PRIVILEGED REMOTE ACCESS 22.3 ACCESS CONSOLE USER GUIDE Change Settings and Preferences in the Access Console Click File > Settings in the upper-left corner of the console to configure your preferences
In general, you can configure the console settings according to your preferences. However, your BeyondTrust administrator might choose to manage your settings, enforcing those managed settings if desired
If your BeyondTrust administrator has changed and applied the default settings, then you will see a Settings Changed alert the next time you log into your console. Click View Settings to open your settings window to view the changes, or click OK to acknowledge the changes
Changing Settings Note: These instructions assume you are allowed to choose the settings used in your console. Settings enforced by your administrator appear marked with an asterisk and grayed out, and they are not locally configurable. Please see your administrator or the administrative guide access console settings topic for more information
The Access Console Settings window includes a Restore Defaults button in the lower left-hand corner of the window which returns all of your settings to the BeyondTrust default settings or to the default settings applied by your administrator if any have been set. An alert dialog asks you to confirm that you wish to change to the defaults. Click Cancel if you wish to return to your locally saved preferences
Note: If any of the defaults are forced by your administrator, you are unable to configure them
From the Global Settings section, you may choose to enable or disable spell check for chat. Currently, spell check is available for US English only
Choose if you want the session menu icon to display, if the sidebar can be detached, and if the widgets on the session sidebar can be rearranged and re-sized
SALES: www.beyondtrust.com/contact SUPPORT: www.beyondtrust.com/support DOCUMENTATION: www.beyondtrust.com/docs 10©2003-2022 BeyondTrust Corporation. All Rights Reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust is not a chartered bank or trust company, or TC: 9/2/2022depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority
PRIVILEGED REMOTE ACCESS 22.3 ACCESS CONSOLE USER GUIDE You can choose to change your display mode. Options include OS Setting (default), Light Mode, and Dark Mode
Note: The Dark Mode option applies to Windows and macOS only
In addition to switching the display mode within the access console, users can change it in OS Settings by selecting Themes and related settings > Color > Choose your color
Choose your alert settings for chat messages. When you receive a chat message, you can choose to hear a sound and to see the application icon flash
If you would like to upload a custom sound for chat messages, click the […] button and select a WAV file on your computer. The file can be no larger than 1MB
Choose if the team chat should include status messages, such as users logging in and out, or only chats sent between team members
Choose if you want to receive pop-up notifications for messages received in a team chat and/or in a session chat
Choose if you want to hear an audible alert when another user requests to share a session with you. If you would like to upload a custom sound for shared sessions, click the […] button and select a WAV file on your computer. The file can be no larger than 1MB
You also can choose to receive pop-up notifications for certain events
These notifications will appear independent of your console and on top of other windows. Set where you wish to see pop-ups and how long they should display
SALES: www.beyondtrust.com/contact SUPPORT: www.beyondtrust.com/support DOCUMENTATION: www.beyondtrust.com/docs 11©2003-2022 BeyondTrust Corporation. All Rights Reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust is not a chartered bank or trust company, or TC: 9/2/2022depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority
PRIVILEGED REMOTE ACCESS 22.3 ACCESS CONSOLE USER GUIDE Choose if you want to automatically start screen sharing when you begin a session
You can choose to open sessions as tabs in the console or to automatically detach sessions into new windows
Set the default quality and size for a screen sharing session. When screen sharing starts, you can automatically enter full screen mode, which in turn can automatically collapse the chat bar
Also when screen sharing starts, the remote system can automatically have its display, mouse, and keyboard input restricted, providing a privacy screen
Select the default RDP display size for all RDP sessions
An option allows you to open a PRA connection expanded across all the monitors on the client computer regardless of the client monitor configuration. With this feature, you can fully utilize all the monitors connected to the client computer, therefore being able to adjust screen sizing and scaling during an RDP session across multiple monitors
If you want to use your own RDP tool, check Open remote RDP Sessions with an External Tool
For easier access to screenshots you capture from the console, set the default directory where you will save your console-captured remote screenshots
For easier file transferring, set the default directory from which you wish to start browsing your local file system
SALES: www.beyondtrust.com/contact SUPPORT: www.beyondtrust.com/support DOCUMENTATION: www.beyondtrust.com/docs 12©2003-2022 BeyondTrust Corporation. All Rights Reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust is not a chartered bank or trust company, or TC: 9/2/2022depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority
BeyondTrust Privileged Remote Access enables you to access remote endpoints by connecting to them through the BeyondTrust Appliance B Series. Use this guide only after …
Documemt Updated
Popular Download
Frequently Asked Questions
What is beyondtrust privileged remote access?
BeyondTrust Access Console This guide is designed to help you install the BeyondTrust access console onto your computer and understand the features of the solution. BeyondTrust Privileged Remote Access enables you to access remote endpoints by connecting to them through the BeyondTrust Appliance B Series.
Who has the administrative rights on the remote system?
The administrative rights must be either a local administrator on the remote system or a domain administrator. The client files are pushed to the remote system, and a session attempts to start. Note: Jump Items can be set to allow multiple users to simultaneously access the same Jump Item.
How many credentials do i need for privileged remote access vault?
The credential list recommends no more than five credentials. Check Out and Check In Vault Credentials You can easily access the Privileged Remote Access Vault directly from the access console. This allows you to check out and check in credentials when needed, either during a session or on your local machine.
How do i use the credential store to log into remote systems?
After the credential store has been configured and a connection established, the access console can begin using credentials in the credential store to log into remote systems. 1. Log into the access console. 2. Jump to a remote system with a Jump Item installed as an elevated service on a Windows machine. 3.