It’s the worst-kept secret in IT: small and medium-sized enterprises (SMEs) must use their budgets judiciously. The cost of network hardware, in particular, can be a major obstacle that places constraints on what IT admins can accomplish. The domainless enterprise presents a solution, minus the expensive hardware to manage your directory and access control (and especially your VPN). This makes strong perimeter security achievable at sustainable costs. JumpCloud provides identity and access management (IAM) infrastructure through the cloud that you can configure to manage Pritunl, an open source VPN that’s based on OpenVPN. JumpCloud provides your directory of users and devices or will extend your existing directory. OpenVPN is a mature, widely used solution that’s been available for over two decades. It’s functionally the same as VPN appliances that you’d pay a reseller to obtain at high cost. The benefits extend beyond connectivity: JumpCloud layers on additional Zero Trust security controls that are transparent to the end user beyond being prompted to authenticate themselves when they’re accessing IT resources.

This solution protects your confidential information and systems while reducing the costs that are traditionally associated with remote IT access. JumpCloud’s LDAP directory underpins access control and has integrated Zero Trust security features that continuously authenticate and authorize users. The cloud directory extends to single sign-on (SAML SSO) to direct users to the JumpCloud portal for authentication. JumpCloud then layers on security features, including environment-wide multi-factor authentication (MFA) and conditional access, to determine which devices may access your VPN and from where. Other features manage and secure your devices, cross-OS, with patching and pre-built policies that act to harden systems against common security exploits. Conditional access leverages these capabilities so that only compliant devices are granted access to your VPN. This added security is accomplished without installing and maintaining additional software or hardware. The JumpCloud directory handles permissions differently than traditional on-premise solutions such as Microsoft’s Active Directory. They’re similar in that access to your VPN is determined by group membership(s), but JumpCloud’s user management is designed for the modern era. JumpCloud utilizes attribute-based access control (ABAC), which suggests membership changes when a user should (or shouldn’t) have access to IT resources. Attributes such as “manager” are actively polled to verify memberships, which saves time managing users and helps IT admins avoid potential security issues from internal and external threat actors. This capability isn’t limited to the JumpCloud directory. Our platform integrates and extends existing directories such as Active Directory, Azure AD, or Google Workspace. JumpCloud’s platform provides vital cross-OS Zero Trust management and security that those systems lack.

Now, let’s discuss how to get started with integrating JumpCloud and Pritunl. Detailed guidance about how to install or subscribe to Pritunl managed services can be found on its website. The initial step is to create a custom SSO connector for Pritunl. JumpCloud provides hundreds of free connectors as part of your subscription, and is routinely adding more, so search for it before you move ahead with this project. Continue to the next section if one isn’t available.

Create a SAML Connector

Click the SSO button in the left frame of the administrative console and hit the “plus” sign to start a new SSO connection. Select “Custom SAML App” and begin by filling in the requisite information to label your connector and choose a color scheme and logo. More context is available in JumpCloud’s SAML how-to article should you have any additional requirements. Then, navigate to the SSO tab and enter an Entity ID that’s unique to your organization’s environment. The settings on this screen are case-sensitive on both systems; any typo will result in errors and the integration will fail. Your Pritunl FQDNs and JumpCloud IDs may differ, but the fields should be formatted as outlined below:

The redirect endpoint ensures that JumpCloud’s console will be used to log users into the VPN

Pritunl requires the “org” attribute for group memberships

Activate the JumpCloud SSO connector once you’re finished and download the certificate. You’ll be required to copy the key into Pritunl’s GUI in a later step.

Setup Groups and Permissions

Click on the User Groups tab and add the group(s) that should have access to the VPN service. The link below is a detailed guide for admins who are unfamiliar with using JumpCloud.

Group membership grants access rights to the VPN

Pritunl SSO Setup

Pritunl VPN will be available within the JumpCloud User Console

Pritunl has JumpCloud listed as an authentication provider.
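The SAML connector steps above note that the settings are case-sensitive on both systems and that Pritunl requires the “org” attribute for group memberships. The following is an added example, not code from JumpCloud or Pritunl, that checks a captured SAML assertion for those two failure modes before you troubleshoot the VPN itself. The function name, the sample assertion, the Entity ID and the group name are constructed, and it assumes the Entity ID entered on the SSO tab appears as the assertion's Issuer.

```python
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

def check_assertion(xml_text, entity_id, vpn_groups):
    """Return a list of findings; an empty list means nothing to fix."""
    root = ET.fromstring(xml_text)
    findings = []

    # Assumption: the Entity ID from the SSO tab is sent as the assertion Issuer.
    issuer = (root.findtext("saml:Issuer", default="", namespaces=NS) or "").strip()
    if issuer != entity_id:
        kind = "case-only mismatch" if issuer.lower() == entity_id.lower() else "mismatch"
        findings.append(f"Issuer {kind}: got {issuer!r}, expected {entity_id!r}")

    # Attribute names are compared exactly, because both systems are case-sensitive.
    attrs = {}
    for attr in root.iterfind(".//saml:AttributeStatement/saml:Attribute", NS):
        values = [(v.text or "").strip() for v in attr.iterfind("saml:AttributeValue", NS)]
        attrs.setdefault(attr.get("Name", ""), []).extend(values)

    if "org" not in attrs:
        near = [name for name in attrs if name.lower() == "org"]
        hint = f" (found {near[0]!r}, wrong case)" if near else ""
        findings.append("missing 'org' attribute" + hint)
    elif not any(v in vpn_groups for v in attrs["org"]):
        # Assumption: the 'org' value must name a group that was granted VPN access.
        findings.append(f"'org' carries no expected VPN group: {attrs['org']!r}")
    return findings

# Constructed sample assertion (trimmed to the elements this check reads).
SAMPLE_OK = """<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
  <saml:Issuer>pritunl-example-org</saml:Issuer>
  <saml:AttributeStatement>
    <saml:Attribute Name="org">
      <saml:AttributeValue>vpn-users</saml:AttributeValue>
    </saml:Attribute>
  </saml:AttributeStatement>
</saml:Assertion>"""

# Same assertion with the two typos the setup steps warn about: case drift only.
SAMPLE_BAD = SAMPLE_OK.replace("pritunl-example-org", "Pritunl-Example-Org") \
                      .replace('Name="org"', 'Name="Org"')

if __name__ == "__main__":
    for label, doc in (("ok", SAMPLE_OK), ("bad", SAMPLE_BAD)):
        print(label, check_assertion(doc, "pritunl-example-org", {"vpn-users"}))
```
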