關於 JumpCloud
產品介紹
資源中心
品牌新訊
Reduce Costs with Unified Device and Identity Access Management
At JumpCloud, our mission is to build a world-class cloud directory. Not just the evolution of Active Directory to the cloud, but a reinvention of how modern IT teams get work done. The JumpCloud Directory Platform is a directory for your users, their IT resources, your fleet of devices, and the secure connections between them with full control, security, and visibility.
Build Connections
The advent of the cloud combined with work from anywhere have fundamentally changed the requirements for managing and securing access to the resources people use to get work done.
Two decades ago Active Directory emerged as the centralized system for securely managing and connecting employees to Windows-centric resources. While AD is still the dominant on premises directory used by organizations around the world, the shift to cloud infrastructure, new operating systems, web applications, and workers accessing corporate resources from any location and device, exposed significant limitations to a domain controller. These limitations required third party add-ons which increased complexity and cost, while limiting an organization's ability to succeed through overly complicated IT architectures.
Used by Over 150K Organizations
What Customers Say About JumpCloud
Cloud Directory
API Services
Single Sign-On
Cloud LDAP
Cloud RADIUS
Directory Insights
System Insights
User Lifecycle Management
Multi-Factor Authentication
Device Management
Mobile Device Management
Server Access
Patch Management
Multi-Tenant Portal
Cloud Directory to Connect All IT Resources
Securely manage and connect your users to their devices, applications, files, and networks
One Identity
A unified point of user management and authentication — with no need for on-prem servers or infrastructure. Securely connect users to their workstations, servers, networks, apps, and files. JumpCloud can serve as your authoritative directory or defer to existing identity providers depending on your needs.
Make Work Happen
Do not let a single vendor dictate your resources, such as email, collaboration tools, or video conferencing. Let employees choose the best applications for their work and JumpCloud will take care of the rest.
Vendor Consolidation
The core directory integrates with web application SSO, MFA/2FA, cloud LDAP/RADIUS, SSH key management, Mac/Windows/Linux system management, MDM, identity governance and auditing, and more, without overpaying for a patchwork of point solutions or relying on vendor compatibility.
Open Cloud Directory
Unlike a rigid traditional directory, JumpCloud is a cloud based directory that follows open protocols like SAML, LDAP, RADIUS to allow any heterogeneous resources to be connected and managed.
Centralized Identity
Create or import user accounts in JumpCloud. You can provision differing levels of access based on user group membership. JumpCloud also manages password and secure shell access to the server infrastructure. Admins can model the complexity of the passwords, be alerted to impending expiries and brute-force lockouts, and govern the credentials used for server access among teams of sysadmins.
One-Click Mapping for Identity and Resources
Users in JumpCloud can be quickly and efficiently deployed to devices, applications, file servers, networks, and cloud-based infrastructure.
Google Workspace, Microsoft 365, AD Directory Management
Leverage JumpCloud’s native, API-based integrations with Google Workspace and Microsoft 365 or extend your Okta or AD cloud directory to manage the identities of those critical employee services. Provision new user accounts or import and manage previously existing ones to ensure they are bound to and governed by your core directory, JumpCloud.
Automate and Scale with API Services
Save time, simplify integrations, and scale IT ops with JumpCloud APIs and the PowerShell module
Deploy Powerful Tools to Manage IT Operations
Manage your cloud directory platform with greater ease and efficiency using JumpCloud’s advanced automation tools, APIs, and extensive built-in features. Use our APIs or our PowerShell module to operate at scale by performing operations in bulk across users, devices, and groups — and save time for other high-value tasks.
Scale Fast and Save Time
Customize with RESTful API and SDKs
Operate JumpCloud’s core directory services entirely through RESTful commands to automate and scale your infrastructure. Establish automatic onboarding and offboarding workflows, as well as workflows to manage and export your directory events data. You can also create custom integrations to allow third-party products and services to tap into JumpCloud for authentication — whether on premises or remote — or other tasks. Try out the JumpCloud API by exploring our Golang, Python, and Ruby SDKs in our freely accessible public GitHub repositories.
Save Time and Scale with Automation
Use a variety of in-console features and integrated tools to trigger workflows and take bulk actions in your directory: Execute commands to configure Mac, Windows, and Linux devices at scale. Schedule them to run in the future, on repeat, or in response to a webhook trigger. Use the CSV import and export features to migrate and update users at scale. Deploy an AWS serverless application to store and manage directory events data for auditing and compliance. Integrate JumpCloud with ChatOps solutions to increase security, decrease manual work, and reduce the chance for human error.
Manage with PowerShell Module
Active Directory admins — put your PowerShell expertise to use. Programmatically control your directory from the command line using the JumpCloud PowerShell Module. Automate tasks such as importing and exporting users, customizing user attributes, binding users to devices, modifying data at scale, resetting passwords, triggering commands, and more. The JumpCloud PowerShell Module also works on Linux and Mac.
Single Sign-On (SSO) for All Applications
Secure, frictionless access to any resource, incl
One Identity for Secure Application Access
The average employee uses dozens of applications. Provide convenient but secure access to web and on-premise applications with a single set of credentials.
Featured Applications
Salesforce
Google Workspace
AWS SSO
JFrog
Microsoft 365
Slack
Personio
BambooHR
CrowdStrike Falcon
Atlassian Cloud
Connectors for
Popular Apps
Provide access to apps via SAML 2.0, SCIM, and LDAP, including a catalog of hundreds of pre-configured connectors.
App Identity Management
Create and manage user accounts in applications directly from JumpCloud with SAML JIT and SCIM, plus pass groups, roles, and permissions to those apps.
MFA
at Login
Layer multi-factor authentication (MFA) for SP- and IdP-initiated authentication to SAML-based apps and the JumpCloud User Portal.
Easy Life Cycle Management for Business-Critical Apps
One Dashboard, Unlimited Apps
Set up users to access all their business-critical web apps from their JumpCloud User Portal. SSO from JumpCloud also includes apps that authenticate with LDAP, from IT services (e.g., Jenkins, OpenVPN, or Airwatch) to ticketing and control systems (e.g., Atlassian Jira) to on-prem attached storage systems (e.g., Synology or QNAP).
Simple and Scalable User Management
Create groups based on employee department or job role, then associate those groups to applications to restrict access and provide appropriate authorizations and permissions. Save time onboarding by adding a new user to a group and automatically granting them access to associated apps. From a single console, manage access, user attributes, account provisioning, and deactivation with a growing list of SAML and SCIM connectors.
One Identity for All Resources
Extend user identities beyond applications. Give users a single, secure set of credentials to access virtually all their IT resources, including macOS, Windows, and Linux devices, cloud infrastructure, files, and networks. This simplifies the login process for users and eliminates identity sprawl in your environment.
Built-in Security
Protect the JumpCloud User Portal with multi-factor authentication (MFA), including Google Authenticator, Duo, FreeOTP, Microsoft Authenticator, Yubico, and more. Layer additional security with Conditional Access policies to grant or restrict access depending on whether users work from trusted networks and devices.
The Power of LDAP in the Cloud
JumpCloud LDAP lets you connect your users to their on-premises applications and file servers from anywhere — all without having to stand up your own endpoints on-prem
All of the Functionality, None of the Setup
Cloud-hosted LDAP provides you with all of the abilities of the LDAP protocol with none of the usual setup, maintenance, or failover requirements of traditional LDAP implementations. Since our cloud LDAP servers are already stood up and ready to use, all you need to do is point your LDAP-connected endpoints to JumpCloud and you’re on your way.
No Server Hardware
Cloud LDAP means no need for on-premises hardware — and all of the maintenance involved with keeping hardware up to date like patching and failover.
Always On
JumpCloud’s global network of LDAP servers is built for high uptime and low latency. We take care of the availability, security, load balancing, elastic scaling, and redundancy so you don’t have to.
Group Control
Establish LDAP access based on user groups to manage authorization by the principle of least privilege.
Benefits of Cloud LDAP
Complete Control
Manage LDAP access from your browser through the JumpCloud Admin Portal, as well as through your command line or our RESTful APIs. With group-based access controls, you can streamline LDAP management to best suit your needs.
Hyper Secure
Our OpenLDAP RFC 2307 compliant cloud LDAP offering is encrypted by LDAPS & Start TLS, ensuring your LDAP authentication remains as secure as possible. What’s more, you can require multi-factor authentication upon entry to LDAP resources to keep your data locked down.
AuthN to Apps & Services
JumpCloud provides authentication for any application or service that can defer authentication via LDAP. Integrate with apps such as Atlassian Jira and Confluence or with DevOps infrastructure such as Jenkins, Ansible, Kubernetes, Docker, OpenVPN, and thousands of others.
NAS Authentication with LDAP & Samba Attributes
LDAP-as-a-Service includes secure support for authentication and group-based authorization on Samba file servers or commercial NAS appliances such as Synology, QNAP, Morro Data, and more.
No-Setup Network Control with Cloud RADIUS
Deploy cloud RADIUS servers to provision and deprovision user access to VPN and Wi-Fi networks from your browser. Secure with MFA.
All the Power of RADIUS, None of the Server Hassle
Get the strength and security of the RADIUS protocol without building, maintaining, or monitoring physical servers. Quickly roll out managed RADIUS to your organization to authenticate users to Wi-Fi, VPNs, switches, and network devices securely.
Secure
VPN Access
Support and secure access to VPNs, including Meraki, Palo Alto, OpenVPN, and more. Add multi-factor authentication (MFA) to VPN login to increase security.
Authentication with Third-party Credentials
Embrace RADIUS authentication within your established policy and identity provider (IdP) such as Active Directory, Azure Active Directory, or Okta through the JumpCloud platform. Available when paired with cloud directory and cloud RADIUS.
Network
Segmentation
Segment user access through dynamic VLAN tagging. Use VLANs to isolate network devices from one another, and implement it easily without on-premises infrastructure.
Cloud RADIUS Benefits
Simply point your Wi-Fi network and VPNs to JumpCloud’s RADIUS servers and enable users to access networks with the same core identities they use to access other resources.
Save Time and Money
Leave the heavy lifting to JumpCloud, eliminate the costs associated with maintaining physical RADIUS servers, and use managed RADIUS as part of your core directory platform or as an extension of established IdPs (such as Azure AD).
Ensure Network Security
JumpCloud automatically generates complex passwords (shared secrets) for authentication between your WAPs and JumpCloud’s RADIUS servers. This maintains a secure connection between infrastructure endpoints while users log in with their individual credentials. An additional method, certificate trust, verifies that your client desktops, laptops, and mobile devices are talking to the correct RADIUS server. Alternatively, delegate RADIUS authentication, security, and policy from established IdPs such as Azure AD.
Control User Access
Each RADIUS server you add to JumpCloud can be connected to user groups to provision network access at scale and to restrict specific networks or VPNs to specific groups of users. Further segmentation is possible through dynamic VLAN tagging.
Give Users Easy, Yet Secure, Access
Eliminate shared credentials for Wi-Fi but ensure continued easy access for users via their core identities. Users don’t need to keep passwords on sticky notes or whiteboards because they have just one secure (and unique-to-them) password to remember. Plus, with those same core identities, grant users access to VPNs for use when they work on unsecured networks.
Encryption Built-In
Cloud RADIUS is secured and audited by security experts. JumpCloud’s RADIUS servers can be configured to use EAP-TTLS, PAP, or PEAP, as well as support WPA2 Enterprise and RADIUS encryption modes.
Transform Events into Insights
Save time and gain visibility across every user identity, device, and resource to meet compliance requirements and troubleshoot issues from one screen.
Centralize Your Directory Data
Directory Insights surfaces data at the core of your organization as events in a standard format you can query in real time — all from a centralized view of user activity and access to corporate resources.
Ready-to-Use
Insights
Eliminate the time spent collecting and formatting logs across disparate point solutions. Directory Insights aggregates event logs across user activity and virtually every IT resource, and surfaces them in a standardized format with instantly actionable data.
Prove Compliance Without Hassles
Create audit trails leading up to critical events so you know the who, what, where, when, and how across directory activities to certify organizational compliance. Easily meet industry standards and procedures like SOC 2, PCI DSS, and HIPAA.
Analyze End-to-End Events
Equip your team with insights when you need to investigate events across user activities and cloud or on-premises resources, including SSO applications, LDAP servers, RADIUS networks, MDM commands, and every managed Mac, Windows, and Linux device.
Customize and Save Your Insights
Find, filter, export, and save your Directory Insights data for as long as you need to from the JumpCloud Admin Portal or via API.
Fast Access to Data
Look at the Directory Insights Activity Log in the JumpCloud Admin Portal, or use the API to filter, search, and save events to archive your data, manipulate it, and meet compliance.
Data Drill Down
Drill down into your data with the attributes of your choice and save go-to views, or select from preconfigured views to apply common scenarios to sift through events efficiently.
Export and Save Your Insights
Download Directory Insights logs as JSON or .csv files, and ingest your directory data into a SIEM or other log management tool for advanced threat detection and security analysis.
Long-Term Data Storage
Archive your Directory Insights data for as long as you need to for deeper analysis, storage, and compliance requirements. Use a AWS S3 serverless application to automate when your data is exported.
Comprehensive Visibility Into Critical Device-Level Information
Identify potential security risks, shut down threats, and streamline compliance efforts with access to accurate, real-time data across managed Windows, Mac, and Linux devices.
Centralize Your System Data
System Insights® collates event data across all JumpCloud managed devices. This data provides a real-time centralized view of detailed device level information across the organization, enabling admins to proactively identify issues and minimize security risk associated with out of date or unapproved programs and applications.
Ready-to-Use
Insights
Eliminates time spent tracking assets across an organization with out-of-the-box details on device hardware, Operating System, programs, extensions, and network information.
Improve Compliance Efforts
Gives admins a clear picture of who has access to a device via local user accounts, what software versions are running that device, and when critical patches have been installed.
Easily
Accessible Data
Get the data you need however you need it, through export via csv in the JumpCloud admin portal or through the API, which gives a fleetwide snapshot of critical device information.
Fast Access to Data
View System Insights data within the JumpCloud Admin Portal, export to csv, or use the API to send your system data to a SIEM, Asset Management system, or analytics platform for advanced reporting and anomaly detection.
Granular Visibility to Applications on Individual Devices
System insights delivers robust fleetwide information on device OS, applications, and program versions that help administrators assess device health and identify non-compliant systems for immediate remediation.
Automate your Hardware Inventory Management
Identify aging devices across the organization by collecting information on memory, storage capacity, uptime, and shared resources. This allows for more granularity in IT budgeting and ensures employees don’t have unwanted downtime from device malfunctions.
Security at its Core
Allow Security and DevOps teams to interrogate machines, identify critical security vulnerabilities, and proactively remediate potential issues without interruption to employees.
One Identity to Rule Them All®
One identity, one credential, one platform to unify your user management needs
Streamlined Secure User Lifecycle Management
The JumpCloud Directory Platform centralizes user management for virtually all of the resources at play in your organization — via a single set of credentials. With one location to manage access to Windows, macOS, Linux, cloud and on-prem applications, networks, infrastructure, and more, you can streamline operations while ensuring everyone has secure access to the resources they need.
User
Self-Service
Enable end users to change their JumpCloud password themselves, either online from their User Portal or directly from their device to avoid potential phishing attacks.
Full-Scale User Lifecycle Management
Provision, deprovision, and manage user identities in applications fast using SAML SSO, Just-in-Time (JIT) provisioning, and SCIM identity management capabilities.
User
Insights
Built-in monitoring and event logging capabilities let you hone in on authentications and user identity changes that may suggest security vulnerabilities so you can act accordingly.
Streamlined Secure User Lifecycle Management
Quick and Efficient Onboarding/Offboarding
Use group-based access control to instantly grant new users access to the resources their role/department requires. When a user leaves your organization, simply suspend their account and their resource access goes with it — keeping confidential data and processes secure.
Remote User Management
Unlike traditional directory services, JumpCloud leverages cloud infrastructure to provide you with full remote control over your user base. No VPN is required to push changes or grant access.
Secure Identities
Full-scale password and SSH key management capabilities grant you the ability to ensure users are as secure as possible when authenticating. Backed by TOTP, Duo Push, or WebAuthn physical key MFA, JumpCloud makes sure that your users’ identities are safe.
Extend Identities Through Integrations
Rely on external directories like Google Workspace, Microsoft 365, Active Directory, or Okta? JumpCloud integrates with all of them, syncing your user bases and giving you one centralized location to manage them all from the cloud.
Multi-Factor Authentication Made Easy
One-touch, frictionless authentication to secure IT resources, prevent unauthorized access, and bring you to a Zero Trust Security model.
Strong Authentication and Frictionless Access with the Push of a Button
Secure employees’ access to applications, devices, networks and other resources with an effective multi-factor authentication solution that focuses on a seamless end-user experience.
Secure, Flexible Access Everywhere
Easily add multi-factor authentication regardless of where your users work. Easily enforce push-based, time-based one time passwords (TOTP), hardware keys, biometric or other methods to ensure secure access to applications, devices, networks, and more.
Contextual and Risked-Based Access
Protect your company from possible breaches while simplifying your employees’ experience. Create conditional access policies that assess risk factors –such as device, network, or location – and adjust MFA enforcement based on situational or business needs.
Fast Deployment, User-Friendly Enrollment
Set up MFA with your applications, devices, networks or other IT resources with minimal overhead. User-friendly, self-enrollment enables you to provision users to your multi-factor authentication solution quickly and allows them to sign up and enroll their own devices.
Multi-Factor Authentication Done Right
Secure employees’ access to applications, devices, networks and other resources with strong multi-factor authentication that increases security while reducing friction for your users.
Easy Implementation
Adding MFA to your security program regardless of where you or your users are working, is easy. All you need to do to enforce MFA is activate it for your organization through the JumpCloud Admin Portal.
Frictionless User Experience with JumpCloud Protect™
The JumpCloud Protect™ mobile application makes it easy for your users to use their own iOS or Android devices as a second factor for push-to-verify process, time-based one time passwords (TOTP), U2F keys, or in-device biometrics for multi-factor authentication.
Biometric Authentication
Take a step towards a passwordless future by leveraging biometric authentication using devices that your users already have. Leverage Apple Touch ID or FaceID, Google Fingerprint, or Windows biometric authentication as an additional factor to verify a user’s identity.
Strong authentication with Hardware Tokens
Create an easy-to-use, strong authentication experience with a YubiKey security token as a second factor or the combination of a hardware key and pin for multi-factor login. End users can self-serve their key activation — all you need to do is activate WebAuthn in JumpCloud and dropship them their keys.
Secure Access Your Way
Whether your users are working on-premise or remotely and accessing resources through the cloud or through a VPN, JumpCloud adds an additional layer of security to verify identity and protect your devices, applications, and other IT resources from authorized access.
Unify Device Management
Securely manage the Windows, Mac, and Linux devices at your organization from a single cloud platform
Freedom to Manage Every Device
Your IT environment shouldn’t be limited by vendors, policies, or protocols. JumpCloud’s directory platform lets you manage every end user computer and workstation, anywhere they are, from a single console.
One Console for
Every OS
Bring together the Windows, Mac, and Linux devices at your organization within one cloud console for centralized operating system management.
Security Without Hurdles
Secure your organization’s devices that carry sensitive data by enabling the right posture and compliance standards.
End-to-End
Insights
Directory Insights surfaces every event across devices and more so you can see everything that happens in your environment, while System Insights provides near real-time reporting for every managed device for robust monitoring.
Features at Your Fingertips
JumpCloud gives you full control over the devices your employees use and the IT resources they access. It’s easy to achieve compliance, meet security standards, and lift your infrastructure to the cloud – all from a single platform that centralizes the services you need.
Meet the JumpCloud Agent
The JumpCloud agent is powerful for IT administrators but invisible to end users on managed devices. It unlocks capabilities for managed users and resources to give employees an easy, secure way to manage their identity and access their work resources on a secure device. Is your organization working from home or distributed offices? Employees can download the JumpCloud agent on their devices wherever they’re working.
Enforce Configurations (Policies)
Leverage JumpCloud’s policies for Mac, Windows, and Linux to implement security and configuration settings across your devices. Choose from a selection of point-and-click templates to manage screensaver settings, disable USB storage, enforce full-disk encryption, and more.
