Hi Everyone.I am new to PRA and have few questions that I would like to clarify. Appreciate your feedback on these.When we have PRA Cloud and On-Prem Jump Cluster deployed. Does the Jump clients communicate to PRA cloud via the Jump Points or they make a direct outbound connection to PRA cloud by default? Typically each Jump Point handles around 25 concurrent connections? Are they also storing any session recordings locally? typically what should be the specifications for the Jump server for a mid size org like (CPU, Mem and Disk)? Is there any sizing calculator that we can use or some assumptions to take into consideration when determining the resources required for sizing the Jump Point? If we have AWS and On-Prem servers, Can we do segregation for Jump Points? Like for Azure environment, deploy a Jump cluster there that would be specifically used to access servers deployed in Azure and Deploy another On-Prem Jump cluster that would be typically used to access servers deployed on Prem? When we have Password Safe cloud and PRA cloud, do we need to have a separate server for Endpoint Credential Manager to do the integration for credential injection or the integration is built-in the cloud and we don’t need to have any dedicated servers for the integration?

PRA Questions | Community

Hi Everyone.

I am new to PRA and have few questions that I would like to clarify. Appreciate your feedback on these.

When we have PRA Cloud and On-Prem Jump Cluster deployed. Does the Jump clients communicate to PRA cloud via the Jump Points or they make a direct outbound connection to PRA cloud by default?
Typically each Jump Point handles around 25 concurrent connections? Are they also storing any session recordings locally? typically what should be the specifications for the Jump server for a mid size org like (CPU, Mem and Disk)? Is there any sizing calculator that we can use or some assumptions to take into consideration when determining the resources required for sizing the Jump Point?
If we have AWS and On-Prem servers, Can we do segregation for Jump Points? Like for Azure environment, deploy a Jump cluster there that would be specifically used to access servers deployed in Azure and Deploy another On-Prem Jump cluster that would be typically used to access servers deployed on Prem?
When we have Password Safe cloud and PRA cloud, do we need to have a separate server for Endpoint Credential Manager to do the integration for credential injection or the integration is built-in the cloud and we don’t need to have any dedicated servers for the integration?

Page 1 / 1

Anyone?

Hello @sami - I’ll do my best to answer your queries below, best to my knowledge:

Jump Clients will always try a direction first, back to the appliance, without any Jumpoint before any other type of connection. Hence, even if you have a Jump Zone Proxy set up (Jumpoint in Jump Client proxy mode), if the Jump Client can make it’s own connection back to appliance, it will.
Jumpoints can handle 25 RDP sessions or 200 of SSH type. We have a guide on the required set up here: https://www.beyondtrust.com/docs/privileged-remote-access/how-to/jumpoint/requirements.htm
This would be the recommended set up, as Jumpoints only really operate within the subnet they are installed to. Hence, you would need to two different Jumpoints for a AWS and Azure set up’s.
With the later versions of PWS, there is the ECM built-in in to it. You do not require an exteral ECM server, but you can create and use one should your requirements change in the future.

I hope these answers help you, and thanks for using the forums!