Just-in-time Authentication (JIT)
Lithnet Access Manager supports granting access to computers and groups using a simple, just-in-time (JIT) access model.
Rather than administrators having permanent access to computers or groups, they can use Access Manager to grant themselves access on a temporary as-needed basis.
By reducing permanent administrators, you can rapidly increase the difficulty of a successful lateral-movement based attack in your environment.
Access Manager supports two forms of JIT:
JIT for Computers allows you to configure administrators to request just-in-time access to specific machines.
JIT for Roles allows you to define a role, based on an Active Directory group, that users are allowed to request access to on a temporary basis.
Last updated