What is a Jump Server?
A jump server (also known as a jump host, and sometimes referred to as a bastion host) is a secured intermediate server that acts as an access bridge between an external network (such as IT or the internet) and an internal, often more sensitive network (such as OT or a SCADA zone).
Jump servers are used to give administrators or external parties controlled access to systems within isolated networks, without granting direct access to those systems.
🎯 Purpose of a Jump Server
- Protect sensitive networks (such as OT environments)
- Centrally manage and control external access
- Prevent direct connections between IT and OT
- Facilitate secure remote access for maintenance or administration
🔧 How does it work?
- The user logs in to the jump server via a secure connection (e.g. VPN + RDP or SSH)
- From this jump server, a connection is established with internal systems
- Activities can be logged, monitored and restricted
🧱 Characteristics of a Jump Server
| Characteristic | Description |
|---|---|
| Layered access | Access to sensitive systems only via a single controlled point |
| Authentication | Often 2FA or integration with Active Directory |
| Logging & auditing | Activities are recorded for analysis or compliance |
| Protocol support | Supports RDP, SSH, VNC, web access, etc. |
| No direct routes | Prevents direct communication between external and internal networks |
🔐 Jump Servers in OT security
In industrial networks (e.g. according to the Purdue Model), jump servers are typically located between IT (level 4) and OT (level 3 or 2) within a DMZ (Demilitarized Zone).
This prevents an attacker from reaching machines or PLCs directly via IT.
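One way to check the "no direct routes" property described above, as an added example that is not part of the original page: the script audits a list of firewall allow rules and flags any that reach the OT zone from a source other than the jump server. The addresses, rule names and rule format are constructed assumptions.

```python
import ipaddress

# Constructed addressing plan (assumption, not from the page).
IT_NET = ipaddress.ip_network("10.10.0.0/16")       # IT, Purdue level 4
OT_NET = ipaddress.ip_network("10.90.0.0/16")       # OT, Purdue level 3/2
JUMP_SERVER = ipaddress.ip_network("10.50.0.10/32")  # host inside the DMZ

# Constructed allow rules: (name, source CIDR, destination CIDR, port).
RULES = [
    ("it-to-jump-ssh",  "10.10.0.0/16",  "10.50.0.10/32", 22),
    ("jump-to-ot-rdp",  "10.50.0.10/32", "10.90.0.0/16",  3389),
    ("vendor-shortcut", "10.10.4.0/24",  "10.90.1.20/32", 3389),  # bypasses the jump server
    ("dmz-any-to-ot",   "10.50.0.0/24",  "10.90.0.0/16",  22),    # whole DMZ, not just the jump server
]

def audit(rules):
    """Return (rule name, reason) for every allow rule that reaches OT
    from a source other than the jump server."""
    findings = []
    for name, src, dst, _port in rules:
        src_net = ipaddress.ip_network(src)
        dst_net = ipaddress.ip_network(dst)
        if not dst_net.overlaps(OT_NET):
            continue  # rule does not touch the OT zone
        if src_net.subnet_of(JUMP_SERVER) or src_net.subnet_of(OT_NET):
            continue  # intended path via the jump server, or traffic inside OT
        if src_net.overlaps(IT_NET):
            reason = "direct IT-to-OT route"
        else:
            reason = "source is not limited to the jump server"
        findings.append((name, reason))
    return findings

if __name__ == "__main__":
    for rule_name, why in audit(RULES):
        print(f"{rule_name}: {why}")
```
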
✅ Benefits
- Security: prevents uncontrolled access to sensitive systems
- Auditability: sessions can be monitored or recorded
- Network separation: prevents direct coupling between IT and OT
- Compliance: helps meet standards such as IEC 62443 and ISO 27001
📌 In summary
A jump server is a secured access gateway providing safe and controlled access to internal networks, such as OT environments. It is a crucial element of a layered cybersecurity strategy.
