The JumpCloud Platform

Written by Zach DeMeyer on July 15, 2020


The JumpCloud® Directory-as-a-Service® platform is, at its core, a directory. It’s a directory for users, your IT resources, your system configurations, and the connections between them all. As a full-blown directory service, JumpCloud’s platform reimagines Active Directory® and LDAP for modern IT organizations. Let’s talk about what led to the introduction of the JumpCloud product, and what it can do for IT administrators.

Before JumpCloud

Traditionally, the directory service — often Active Directory — handles authentication, authorization, and basic management of Windows systems. AD authenticates users to their machines, the domain, and other Windows-based IT resources. Through group membership controls and other mechanisms, AD authorizes access to various IT resources, at times leveraging role-based access approaches as well.

This group membership-based approach paves the way for managing Windows devices through Group Policy Objects (GPOs). GPOs help IT admins set security and configuration policies, among other things, across groups of systems. By establishing these three pillars of identity and access management (IAM), AD became the standard in directory services.

Cracks in the AD foundation emerged, however, as the IT world shifted. Web applications, cloud infrastructure, macOS® and Linux® systems, and remote work stretched the reach of AD, ultimately eluding its management abilities. This is largely due to the fact that AD’s domain-based approach to identity management relies on resources being directly connected to AD servers through on-premises wiring.

To make up for these shortcomings, the directory service, while still core to an organization, is often supplemented with additional tools. These include Identity-as-a-Service (IDaaS) / web application single sign-on solutions, directory extensions, multi-factor authentication tools, audit logging and governance capabilities, and more.

Although IT organizations can now manage all of their users and resources, it comes at the cost of a suite of IAM tools. They also need to adopt even more tools, like mobile device management (MDM) solutions, to manage systems and devices.

For a long while, it seemed like there was no single solution that could manage most of an IT network like AD once did. Enter JumpCloud’s Directory-as-a-Service platform.

JumpCloud’s Role in IT

JumpCloud’s mission is to be One Directory to Rule Them All®. That’s one directory for all users. One directory for all IT resources. One directory to build the connections between those users and IT resources. One directory to manage and understand every system.

The JumpCloud platform offers all of this while providing full visibility and control to IT admins. It’s a bold vision to reimagine the directory service, a long-forgotten category at the center of virtually every IT network in the world.

To understand the role the JumpCloud platform plays in IT, we’ll start by redefining the various “directories” at play in an organization and how JumpCloud manages them. Then, we’ll show how that new definition overlaps with many once-siloed categories of IT management software.

Defining Directories

  • Directory of Users – At the core of a directory service are users, their identities, and any associated attributes about the user, including group membership information. JumpCloud and legacy directory services all have these basic capabilities.
  • Directory of IT Resources – Building a catalog of all of the IT resources within an organization (e.g., applications, storage systems, servers, VPNs/WiFi networks) is critical. Understanding what IT resources are within an organization and who has access to them is fundamental to IT admins, and subsequently a fundamental offering of the JumpCloud platform — regardless of the resource in question.
  • Directory of Systems – Many admins struggle to assess what’s going on with their fleet of systems, especially following the rise of macOS and Linux in the market. Although AD runs policies on Windows systems, JumpCloud provides full visibility and control over all three major platforms.
  • Directory of Connections – At the center of a modern directory like JumpCloud are the associations between users and their IT resources. This map of users and their access rights is central to JumpCloud’s ability to authenticate and authorize user access to systems, applications, data, and networks.
  • Directory of Controls – Through JumpCloud’s platform, IT admins can create a set of controls and policies for devices and access rights. They can federate these to users and systems via group membership or individually as needed.
  • Directory of Usage – With JumpCloud’s intensive logging and telemetry data, IT admins have full visibility into when and how users access their resources. This level of insight proves crucial for organizations looking to achieve compliance.

Centralizing Solutions

To sum up, JumpCloud’s cloud directory service offers a modern incarnation of Active Directory that expands upon traditional definitions of a directory. Because this is a radically new way to look at the directory service, we’ll also define what the JumpCloud Platform does using well-known industry categories:

  • Directory Service – The core of JumpCloud is the directory service, making it nearly a one-to-one alternative to Active Directory.
  • SSO & User Lifecycle Management – Included in the JumpCloud platform are SAML single sign-on (SSO) and user lifecycle management services that include SCIM provisioning and deprovisioning capabilities on top of controlling access to on-prem / web applications, systems, and servers.
  • MDM / System Management – Full system management capabilities are available within the JumpCloud platform, including user management control, GPO-like policies across all three major OSs, and ad hoc command execution. Admins can also use built-in Apple MDM to control macOS systems even further.
  • Cloud LDAP & RADIUS – Instead of on-prem authentication services via LDAP and RADIUS servers, the JumpCloud platform presents these capabilities via a global network infrastructure of cloud-based LDAP and RADIUS servers.
  • Multi-factor Authentication – Every identity within the JumpCloud platform can be protected using MFA / 2FA services, including system, application, and VPN access. End users can leverage TOTP services like Google Authenticator or physical U2F devices such as YubiKeys as their additional factor.
  • Governance / Audit Logging – Because virtually all user access is managed through the JumpCloud platform, IT organizations can have full visibility into their end users’ access patterns and behavior. Detailed audit logging and governance data can be made available directly from the platform to centralize compliance needs.

The JumpCloud platform stands alone as the only modern directory service that integrates a wide range of IT management categories to provide a single solution for organizations.

Try the JumpCloud Platform

The entire JumpCloud platform is available for free for your first 10 users. Simply sign up to jump in, with 10 days of 24×7 chat-based implementation support to help you get started.
