Remote Consoles: Auditable and Least Privilege Access for Third-Party Support 

OpsRamp controls and tracks access to modern hybrid infrastructure with secure remote consoles. Remote consoles help IT pros gain access to distributed resources and execute tasks on the target device/resource. All remote sessions are recorded for playback so that IT teams can use these session recordings for audit compliance, change management, and training.

OpsRamp’s remote consoles help IT teams manage access to hybrid, multi-cloud, and cloud native infrastructure with support for a wide variety of protocols including RDP, SSH, Telnet, VNC, and RSH. Support teams responsible for application and infrastructure management can log into OpsRamp for resource-specific access and perform regular maintenance activities, install upgrades, and fix issues with confidence. The entire session is then recorded and saved in the OpsRamp portal for audit trails, issue analysis, and remediation training. 

Just-in-Time Access: Time-Bound Requests for External Support Teams

Most mid-sized and large enterprises have thousands of hybrid infrastructure resources across owned/leased datacenters and multiple public clouds. These IT teams have support contracts with either original equipment manufacturers (OEMs) or managed service providers (MSPs) for the maintenance and optimization of hybrid infrastructure resources. 

Every week, an IT operations team might provide third-party access for various support requests. Instead of exchanging log files, hotfixes, or troubleshooting instructions over email or having support teams travel onsite, OpsRamp’s remote consoles provide on-demand and secure access to both internal teams and third-party technicians for real-time resolution. 

OpsRamp’s Just-in-Time access ensures the right levels of enterprise security and compliance by providing time-bound access to external users for a specific time. Just-in-Time access ensures a seamless support experience for third-party managed resources by eliminating VPN connectivity requirements, ensuring role-based access controls (RBAC) compliant support, and auditing of external user action on critical enterprise IT infrastructure. 

Just-in-Time access can also ensure a troubleshooting knowledge base for externally managed resources so that IT teams can address recurring issues without third-party support teams. Just-in-Time access is part of the Time-Bound requests feature in OpsRamp’s service desk module. Here’s how IT teams can configure external support teams for secure remote access within OpsRamp:

  1. Create external user credentials within the OpsRamp portal.
  2. Assign specific resources for remote access by external users. 
  3. Provide the right role-based access control (RBAC) permissions for proper user privileges and restrictions. 
  4. Mention the Start and End times for external user access. Just-in-Time access lets IT teams configure access privileges for either ad hoc or recurring activities. 
  5. Assign permissions for remote console protocol access (RDP, SSH, Telnet, VNC and RSH) for external users. 
  6. Once a session is about to expire, external users can submit requests for session extension if they need more time for maintenance and troubleshooting. An email gets triggered to the relevant admin for further extension.
  7. Replay recorded session files to ensure issue resolution or to train internal teams on incident troubleshooting.

Delivery timely access

Deliver timely IT infrastructure access to external teams with Just-in-Time access.

Just-in-Time access also tracks every action performed by support contractors and helps train internal teams on frequent IT issues with playback recordings. It’s the right level of flexibility and control that helps IT teams work with external support teams in a compliant manner for resolving issues promptly. 

Next Steps:


Recommended posts