Jump Desktop for Teams provides four primary connectivity options to ensure a seamless remote desktop experience. All connectivity options have end-to-end (e2e) encryption enabled to prioritize your data's safety.
1. Default Connectivity
The default connectivity utilizes our cloud service along with public relay servers to establish a connection. The cloud service attempts to create a direct link between machines. If this fails due to network restrictions, it switches to our public relay servers distributed worldwide. This mode provides a comprehensive feature set and control of who can connect to the machines via the Teams dashboard. In case your internal host machines lack internet connectivity, the Connect app can use HTTPS or SOCKS proxy servers to access our cloud service. This mode is straightforward to set up, manage, and for users to connect.
2. Default Connectivity with On-Premise Relay Servers
This mode resembles the default connectivity but uses your own relay service instead of our public relay service. If Jump can't establish a direct connection between devices or you've enabled the forced relay-only mode in Connect Settings, it routes the connection through your relay service. It is also possible to cluster these relays for optimal uptime. Like the first mode, this too offers a complete feature set and control through the Teams dashboard. This mode guarantees that the encrypted connection protocol data always goes through your servers. It is moderately difficult to set up because it requires running a relay server on your premises but is very end user-friendly.
3. Direct Connections Only Mode
In this mode, Jump refrains from using relay servers or indirect connection methods (like NAT traversal). If the machines can't directly send packets to each other, the connection automatically fails. This mode is perfect for enforcing VPN-only connections where users must connect to a VPN before accessing their computers. If a user is not using a VPN, the connection attempt fails. This mode does require users to establish a VPN connection first, making it moderately challenging for users. Administrators will need to ensure a VPN service exists.
4. Cloudless Fluid Mode
The cloudless fluid mode doesn't use our cloud service for access control checks, connectivity establishment and avoids relay servers. Jump operates like a traditional TCP/IP server, and securing the ports becomes the responsibility of the network administrators. This mode works in an 'air gapped' environment and can function with or without a VPN. Users will need to track and enter the IP addresses for the hosts they want to connect to, administrators will need to ensure IP addresses don't change and make sure the correct networking security measures are in place. This mode requires more technical knowledge and resources, making it the most challenging for users and administrators.
Here is a table summarizing these connectivity modes:
Method | VPN Enforcement | Host Requires Access to Jump Desktop Cloud Service | Teams Dashboard Features | End-to-End Encryption | End User Ease-of-Use | Administrator Ease-of-Use |
---|---|---|---|---|---|---|
Default Connectivity | No | Yes | Full | Yes | Easy | Easy |
Default Connectivity with On-Premise Relay Servers | No | Yes | Full | Yes | Easy | Medium (requires running relays) |
Direct Connections Only Mode | Yes | Yes | Full | Yes | Medium | Medium (requires a VPN service) |
Cloudless Fluid Mode | Optional | No | Limited | Yes | Difficult | Difficult |
Choose the mode that best aligns with your team's networking and security requirements.
Related content:
- On Premise Relay Servers
- Cloudless Fluid
- Administrators Guide to Jump Desktop
- Teams Security White paper
- Connect Settings
Comments
0 comments
Article is closed for comments.