Relationship between bastion host and jump host

What are the differences/similarities between a "bastion host" and a "jump host"? Are they usually used interchangeably?


Solution 1:

A Bastion host is a machine that is outside of your security zone, and is expected to be a weak point in need of additional security considerations.

Because your security devices are technically outside of your security zone, firewalls and security appliances are also considered in most cases Bastion hosts.

Usually we're talking about:

  • DNS Servers
  • FTP Servers
  • VPN Servers

A Jump Server is intended to bridge the gap between two security zones.

The intended purpose here is to have a gateway to access something inside of the security zone, from the DMZ.
The main reason I've seen this utilized is to make sure that the one known entrance to a specific server that has to be accessible from the outside is kept up to date and is known in its purpose as only having to connect to (a) specific host(s).

Usually this is a hardened Linux box only used for SSH.
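
An added example, not part of the original answer: a small audit of the global section of a jump host's `sshd_config`, checking that it can only forward SSH to an approved list of inner hosts, as the answer describes. The target addresses, the sample configs and the choice of checks are assumptions made for illustration.

```python
# Added example: audit the global section of an sshd_config meant for a jump host.
# All addresses and sample configs below are constructed for illustration.

DEFAULTS = {  # OpenSSH defaults for the keywords checked here
    "allowtcpforwarding": "yes", "permitopen": "any",
    "allowagentforwarding": "yes", "x11forwarding": "no",
    "passwordauthentication": "yes", "permitrootlogin": "prohibit-password",
}
MUST_BE_NO = {  # lower-cased keyword -> display name
    "allowagentforwarding": "AllowAgentForwarding", "x11forwarding": "X11Forwarding",
    "passwordauthentication": "PasswordAuthentication", "permitrootlogin": "PermitRootLogin",
}

def effective_settings(config_text):
    """Map keyword -> value; sshd uses the first value it obtains for a keyword."""
    settings = {}
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        if parts[0].lower() == "match":
            break  # assumption: Match blocks are out of scope for this check
        settings.setdefault(parts[0].lower(), parts[1].strip() if len(parts) > 1 else "")
    return {**DEFAULTS, **settings}

def audit_jump_host(config_text, allowed_targets):
    """Return a list of findings; an empty list means every check passed."""
    s = effective_settings(config_text)
    findings = []
    if s["allowtcpforwarding"].lower() != "local":
        findings.append("AllowTcpForwarding should be 'local' (enough for ssh -J)")
    opens = set(s["permitopen"].split()) - {"none"}
    if "any" in opens or not opens <= set(allowed_targets):
        findings.append("PermitOpen allows targets outside the approved list")
    for key, name in MUST_BE_NO.items():
        if s[key].lower() != "no":
            findings.append(f"{name} should be 'no'")
    return findings

ALLOWED = ["10.0.5.10:22", "10.0.5.11:22"]  # constructed inner-zone hosts
WEAK = "PermitRootLogin yes\nAllowTcpForwarding yes\nX11Forwarding yes\n"
HARDENED = ("PermitRootLogin no\nPasswordAuthentication no\nAllowAgentForwarding no\n"
            "X11Forwarding no\nAllowTcpForwarding local\n"
            "PermitOpen 10.0.5.10:22 10.0.5.11:22\n")

if __name__ == "__main__":
    for label, cfg in (("weak", WEAK), ("hardened", HARDENED)):
        print(label, audit_jump_host(cfg, ALLOWED))
```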