Office Hours Recap: Three New JumpCloud Features

Written by Cassa Niedringhaus on August 13, 2020

Share This Article

At our most recent Office Hours session, JumpCloud technical experts and marketers answered a wide range of IT-related questions and highlighted exciting new features.

JumpCloud® is an all-in-one access control and device management platform, and IT administrators can now deploy new Policies from the Admin Portal to manage their macOS® and Windows® machines more deeply and in more customizable ways. Additionally, admins can now export Directory Insights™ data to an Amazon S3 bucket via a new serverless app — which enables long-term archival and ingestion into a SIEM tool. (Directory Insights is a premium feature that provides event logs across JumpCloud services.)

Read what JumpCloud’s Dan Fay, Brandon White, and Leia Schultz shared about each of these new features, and explore linked Knowledge Base articles to put them to use in your own organization.

What’s New in JumpCloud?

1. Policy to Deploy MDM Custom Configuration Profiles

Dan: We’ve released quite a bit in the past two weeks. We also have a good bit that’s in the upcoming roadmap. I’m a huge policy and security nerd — with one of the new Policies, we have a custom profile configuration now. This gives you full capabilities to upload your own custom MDM configuration profiles. This will introduce and enforce a lot of the security policies that we don’t currently have in our pre-made Policy list. With the upcoming Big Sur and changes from Apple, we’re working toward building out our MDM, and this is one of our first steps.

This is huge because you could use the current Policy set in JumpCloud to meet a lot of your security concerns and compliance requirements, but this MDM configuration profile gives you a much bigger lever to lock down the systems. There’s an associated KB that goes over how to build your profiles. There are a bunch of tools out there already. One of the ones I use — and I’ve used a bunch previously — is Profile Creator. It gives you the ability to custom-configure any of the profiles you’re looking to do.

2. Advanced Policy for Windows Custom Registry Keys  

Dan: Windows’ OS architecture is entirely different from Mac. Mac is a lot more lenient and easier to work with. As a previous Windows and Linux admin, I can say Windows can be the most volatile, primarily around the registry key setup. With this Policy, you can add specific custom registry key locations, the value name of what it’s supposed to be, the type of value for the registry key, and the data value. You might need multiple registry keys in order to enable a Policy — that’s the way Windows works. There’s a website called GPSearch, where you can look up specific policies and get the registry key values and all the information you would need in order to enforce these.

You would then add the registry keys you need in JumpCloud, save that as a Policy, and apply that to your Windows systems. This gives you very similar customization you would be able to do with the MDM mobile configuration Policy for Apple.

3. Integrate Directory Reporting & AWS S3 Bucket 

Dan: You have the ability to integrate an S3 bucket. Directory Insights can then transfer its data points into an S3 bucket, which your SIEM can reach out to, pull, cache, and catalog. It can aggregate it within your current log set. If you want to export the logs or have longer caching times, you can do that with the S3 bucket. We’ve launched an app in the marketplace. It’s super simple, very quick to stand up. Plus, even though you’re hosting an S3, it’s a very minimal cost. The data points aren’t that large, because they’re basically JSON or CSV files. They’re super small, but it contains a lot of the data. Whatever data you want to cache, we’ll cache in that S3 bucket and your SIEM or reporting mechanism can pull that from the S3 bucket — like DataDog or Splunk. Anything you do in the directory is cached and cataloged within Directory Insights.

Leia: This should make it super easy to export your data, save it as long as you need to, ingest it into any SIEM or monitoring tool you use, and as we explore going beyond AWS for that data migration and saving, any and all feedback you have using Directory Insights, you’re welcome to share that with us in the Admin Portal.

JumpCloud Office Hours

We host live Office Hours sessions weekly, featuring JumpCloud technical experts and Q&A with fellow admins. Browse upcoming sessions and save your seat here.

Otherwise, create a free account — your first 10 users and systems are free forever — and give each of these new features a try yourself.

Continue Learning with our Newsletter