If you missed our recent Office Hours panel discussion with Justin Price, IT Manager and JumpCloud Administrator, you’ve come to the right place to learn some of the highlights.
Justin was responsible for setting up Chase International’s first ever cloud directory — during a pandemic, no less.
JumpCloud’s Leia Schultz and Dan Fay sat down to talk to Justin about everything from evaluating different solutions, implementation, and favorite features.
In February, Justin’s first priority at his new job at Chase International, a real estate organization, was to implement a directory service. In researching the features he was looking for, he stumbled upon JumpCloud.
Here’s Justin list of features that ultimately made JumpCloud his number one choice:
- Single sign on (SSO)
- Multi-factor Authentication (MFA)
- Support for wireless networks and VPN clients
- Control of local user accounts
- Group policies based on department
That was the must-have list. But, Justin said, the tipping point and cherry-on-top features were these:
- macOS® support
- Insights that gave metrics into systems
- SSO for Microsoft 365™ and G-Suite™
And, according to Justin, it just took a bit of time playing around in JumpCloud Free to get hooked. “JumpCloud pretty much runs the whole show now.”
Let’s go deeper on some of the top features Justin and listeners wanted to discuss during that Office Hours discussion.
Access from Anywhere with Admin Portal
Unlike a traditional directory, JumpCloud consolidates a lot of the features that IT admins need to do their jobs in the easiest, most efficient way possible.
Even though Justin was actually quarantined for 5 weeks (don’t worry, he’s doing well now!), he was able to manage everything to get new users set up with their technology. He had to replace hardware running Windows, which presented a problem without being in-person. Fortunately, with a cloud directory, he just needed to have users sign into JumpCloud through a local admin account. This way, he didn’t need to VPN into a domain controller or worry about anything, even remotely.
“JumpCloud made it really easy to do all of that without physically being able to be in office with the user. I don’t think there’s a way to do that with a traditional AD instance.”
Understand User Behavior with Directory Insights
Justin and the team also talked about the best way to use Directory Insights™, a new feature that just keeps getting better with each update.
Justin uses Directory Insights to look for failed login attempts and the IP addresses where they originate. This has become his morning routine to determine if there is any suspicious behavior that needs to be investigated.
Pro tip: You can apply filters to look for specific patterns of behavior. The new User Filter makes it easy to track down how individuals are behaving.
Mobile Device Management (MDM)
The next question we tackled: JumpCloud or JAMF for MDM? Outside of environments like government agencies, Justin felt that JumpCloud provided an easier user experience compared to JAMF. The advanced features that JAMF offers are often not needed, so it’s not worth the added learning curve when compared with JumpCloud’s intuitive user interface.
Dan also highlighted two notable JumpCloud Policies. For Mac® systems, it’s called MDM Custom Configuration Profile; for Windows, it’s Advanced: Custom Registry Keys. These two Policies are infinitely extensible, negating the need for a separate, additional cost MDM in many use cases.
G Suite & M365 integration
Next on the list of features to discuss: G Suite™ and Microsoft 365™ (M365) integrations.
JumpCloud integrates with both, which is relatively atypical for a directory. Despite his original preference for Microsoft 365, Justin actually prefers the G Suite integration. When a listener asked, he mentioned that he has found no significant shortcomings, probably because JumpCloud is a G Suite environment as well. As long as the email account is live, you’re set!
“I know it sounds overly simple, but it really is that simple.”
Dan pointed out that, while every org is different, the G Suite integration is a selective bind, which makes it really easy and even advisable to test out for your organization. It doesn’t automatically import, so you can evaluate the G Suite integration without affecting your production environment. This creates an API handler connection that gets the integration started which pulls the information but doesn’t tie the account to G Suite.
The priority that can’t be sacrificed: security. Justin took us through what he did to set up time based one time password multi-factor authentication (TOTP MFA).
“One of the really big features that differentiates JumpCloud between your traditional Active Directory setup is the TOTP MFA. You can even require the MFA on login to the device.”
The benefit on Macs is that you only have to use MFA on your first login, and touch ID works after the initial configuration. It’s just the extra layer of security on a device side, plus it protects against unwanted password changes that might result from phishing.
New feature alert: Make life easier while troubleshooting. In the Systems panel, under any online system, there’s a new button that says “Get System Logs.” This lets any admin, anywhere, quickly retrieve JumpCloud client agent logs, to be able to troubleshoot without any back and forth with end users.
It’s not in everyone’s environment, but this was a hidden gem for Justin. With JumpCloud, you can have cloud-hosted RADIUS servers for authenticating your users to your wireless networks and VPNs. JumpCloud enabled segmentation to have public and private networks, the private requiring the RADIUS password.
This really streamlined the VPN process for Justin’s team — it was easy to implement and is unique to JumpCloud, versus a traditional AD instance based on one location.
How Should Someone Get Started?
Our final question for Justin, a new but already experienced JumpCloud admin, was how someone totally new to JumpCloud could get started.
Step 1: JumpCloud University
JumpCloud University documents everything from terminology to best practices. You can also earn a Core certification badge for free this year! It’s a great place to start your learning.
Step 2: JumpCloud Free
Once you’ve got some knowledge under your belt (or even while you’re learning), Justin recommended taking advantage of the 10 free users and systems account and free chat support offered in JumpCloud Free.
Also, take it from Justin: Don’t worry — JumpCloud is made to be intuitive, unlike traditional directories that can be clunky for new users. He also jokes that he would recommend trying to break it, like he did: “I tried to break it and I couldn’t. I think that says a lot.”
Step 3: Join the JumpCloud Lounge
Plus don’t forget about the JumpCloud Lounge on Slack. Dan personally is hanging around the Lounge and would love to talk about commands, as will most of the community. Join to chat and network with IT experts.
Plus, if you want to hear more about how Justin and Chase International use JumpCloud, check out the case study.