JumpCloud — Directory as a Service

JumpCloud is a Directory as a Service solution that provides device authentication and management, user control and one secure identity for all IT resources, directory integration, Single Sign-On, and a Zero Trust implementation that limits who can access resources based on their identity, device and network trust, or their location.

How do we work today?

There are also some other aspects we have to take into account. Corporations use a broad diversity of devices: Windows, Linux, Mac. We have to be able to manage them and protect the data. There are also cloud native companies that don’t have any resources on premises, so all of their infrastructure is in the cloud.

Security is more important than ever

How can we provide secure access?

It is very important to have one solution that can glue all those steps together. Splitting them across multiple siloed solutions will add a lot of additional work for our administrative team, and this certainly isn’t what we want.

That’s why JumpCloud is an ideal solution for this task. Let’s see what we can do in each and every part of the above process.

Verify Identity — one secure identity for all IT resources

  • Protected by MFA
  • User identity and attribute management
  • NIST-based password and SSH key management
  • Group membership and authorization
  • User password management self service
  • Directory integrations
  • Google Workspace (G Suite)
  • Microsoft 365

Verify Device — device as a gateway

  • macOS, Windows and Linux workstations & servers
  • Agent-based binding and control — no VPN required
  • User account management & authentication control
  • Cross-OS configurations / policies
  • MDM for macOS
  • Zero touch deployment for macOS
  • Software Management for Windows and macOS

Secure Network

  • Authenticate network through RADIUS
      -> Native FreeRADIUS authentication endpoint
      -> WPA2 Enterprise encryption
      -> VLAN tagging and reply attribute support
      -> MFA-protected
  • Conditional Access
      -> Geofencing
      -> IP Allow/Deny List
      -> Verified secure device

Secure Auth with open protocols

  • SSO
      -> SSO for 700+ business applications
      -> SAML JIT + SCIM User Provisioning support
      -> Universal SAML 2.0 connector for custom app authentication
      -> IdP and SP-initiated support from User Portal
  • LDAP
      -> Native OpenLDAP authentication endpoint
      -> LDAPS (636) and StartTLS (389) security
      -> Samba NAS authentication
      -> Extensive LDAP attribute support
      -> App, network and on-premises equipment authentication
  • RADIUS
      -> Native FreeRADIUS authentication endpoint
      -> WPA2 Enterprise encryption
      -> VLAN tagging and reply attribute support
      -> MFA-protected

Conditional Access

  • MFA
      -> Portal and authentication endpoint MFA
      -> Privileged network MFA
      -> Mac, Windows & Linux MFA
      -> MFA choice (TOTP, Duo, Yubico)
      -> WebAuthn (fingerprint scanner, hardware tokens)
      -> JumpCloud MFA app (coming soon)
  • Conditional Access
      -> Identity Trust
      -> Device Trust: X.509 certificate
      -> Network Trust: IP allow and deny list
  • Global access policy

With this kind of solution, no matter if you’re a small or large company, 100% cloud native, or you have some solutions on site, you can be sure to have full control over your accounts and resources. If you have any questions, please contact us.

Author: Jacek Bochenek, Cloud and Security Team Leader — CISSP, CISM, CCSP

The images used in this article are the property of JumpCloud and used with their permission.
