Term · 4. Roles, Policies & Access Rights
Bastion Host
Definition
Hardened gateway server providing controlled access to internal systems — users connect to bastion, then jump to target systems. Common pattern for SSH access to production servers. Modern bastions (jump servers) include session recording, MFA enforcement, command logging, and integration with PAM platforms.
- Synonyms
-
- Jump host
- Jump server
- PAM-jumphost
- Application
- Regulatory: NIS2 Directive — EU 2022/2555 · NIST SP 800-63 (Digital Identity Guidelines) · PCI DSS v4.0.1 Req. 7-8
- Standards & regulations
-
- NIS2
- NIST
- PCI
Related terms
-
Privileged Session Management (PSM)
PAM capability that records, monitors, and analyzes sessions involving privileged credentials — SSH sessions to servers, …
-
Privileged Account (PA)
Account with elevated rights to administer systems, modify configurations, access sensitive data, or bypass standard con …
-
Privileged Account Discovery
Automated scanning of systems to discover privileged accounts (admin, root, service accounts with elevated rights). Crit …
-
CMMC (Cybersecurity Maturity Model Certification) (CMMC)
US Department of Defense framework certifying cybersecurity practices of Defense Industrial Base (DIB) contractors handl …
-
Emergency Account
Highly-privileged account reserved for emergency use — disaster recovery, lockout recovery, after-hours critical inciden …
-
Just Enough Administration (JEA)
PowerShell capability (and broader IAM principle) restricting administrative actions to the minimum command-set required …