All Products
Search

This Product

    Bastionhost:Application management

    Document Center

    Bastionhost:Application management

    Last Updated:Nov 20, 2024

    This topic describes the background, terms, and procedure of application O&M.

    Background information

    Enterprises need to perform O&M operations on applications, including office automation (OA) systems, business systems, and database systems. Bastionhost provides the application O&M feature for client applications and web applications.

    You can add a Windows host as an application server in the console of a bastion host, configure applications on the bastion host, and then authorize O&M engineers to access the applications by using the bastion host. You can also configure access policies as an administrator to restrict the pages that O&M engineers can access. This reduces business security risks. Bastionhost allows you to record and audit all operations performed by O&M engineers on applications. This meets the audit requirements of enterprises and allows you to find the causes of O&M incidents.

    Terms

    • Application server: a jump server between a bastion host and applications.

    • Remote client: a client that is used to access applications on an application server, such as a browser or a database client tool.

      Note

      You can configure autofill scripts and access policies only for web applications.

    • Application: an application that O&M engineers want to access by using a remote client, such as an HTTP or HTTPS website or a database.

    Procedure

    To perform O&M operations on an application by using a bastion host, perform the following steps:

    1. Prepare an application server: Prepare a Windows host that you want to use as an application server and deploy Remote Desktop Services and RemoteApp on it. For more information, see Deploy a Windows server as an application server.

      Note

      We recommend that you use an application server that runs Windows Server 2016, Windows Server 2019, or Windows Server 2022.

    2. Add the application server to your bastion host: Import the Windows host to your bastion host and add it as an application server on the Applications page.

    3. Deploy the application server: Publish USMDriver.exe RemoteApp on the application server.

    4. Synchronize users from the bastion host to the application server: Synchronize the users of your bastion host to the application server and create accounts for them. This way, O&M engineers can use the accounts to log on to the application server and perform O&M operations.

    5. Add a remote client: Add a remote client that is used to access the application on the application server, such as a browser or a database client tool.

    6. Add and configure an application: Add a client application or web application to your bastion host and authorize O&M engineers to manage the application.

    image