ISM-1381

Only privileged operating environments can communicate with jump servers.

Topic: Administrative infrastructure
Applicable to: all

History

Priority: must
Dec 2023
Removed
The existing control relating to only privileged operating environments being able to communicate with jump servers and the existing control relating to only jump servers being able to communicate with assets requiring remote administration were replaced with a new control recommending that network devices that do not belong to administrative infrastructure be prevented from initiating connections with administrative infrastructure. [ISM-1381, ISM-1388, ISM-1899]
Mar 2022
Only privileged operating environments can communicate with jump servers.
The security of administrative activities can be improved by segregating administrative infrastructure from an organisation’s wider network. In doing so, the use of a jump server (also known as a jump host or jump box) can be an effective way of simplifying and securing administrative activities. Furthermore, using separate jump servers for the administration of critical servers, high-value servers and regular servers can further assist in protecting these assets.
2015
Agencies must ensure that dedicated workstations used for privileged tasks are prevented from communicating to assets and sending and receiving traffic not related to administrative purposes.