Creating a jita for a user or group, Creating an extendable jita for a user or group – HP HP ProtectTools Security Software, Version 6.0 (User Guide) User Manual
Page 65
Scenario: A Simple Configuration policy is configured to deny all non-Device Administrators access
to the DVD/CD-ROM drive.
Result: A JITA enabled user attempts to access the DVD/CD-ROM drive, they receive the same
access denied message as a non JITA enabled user. In addition, another popup will display asking
for the users credentials. Once the user successfully authenticates to Security Manager they will be
granted access to the DVD/CD-ROM drive.
The JITA period can be authorized for a set number of minutes or 0 minutes. A JITA period of 0
minutes will not expire; the user will have access to the device from the time they authenticate until
the time they log off the system.
The JITA period can also be extendable. In this scenario, 1 minute before their JITA period is about to
expire they can click the prompt and extend their access without having to re-authenticate.
Whether the user is given a limited or unlimited JITA period, as soon as they log off the system or
switch their user and login as someone else, the JITA period expires. The next time the user logs in
and attempts to access a JITA enabled device they will be prompted for their credentials. At present
JITA is available for the following device classes:
●
DVD/CD-ROM
●
Removable Media
This section provides information about the following topics:
●
Creating a JITA for a user or group
●
Creating an extendable JITA for a user or group
●
Disabling a JITA for a User or Group
Creating a JITA for a user or group
Administrators can allow users or group access to devices using just-in-time authentication.
1.
In the left pane of HP ProtectTools Administrative Console, click Device Access Manager, and
then click JITA Configuration.
2.
From the devices drop-down menu, select either removable media or DVD/CD-ROM drives.
3.
Using the + button, add a user or group to the JITA configuration.
4.
Click the Enabled check box.
5.
Set the JITA period to the required time.
6.
Click the Apply button.
The selected user can now login, authenticate to Security Manager and access the device.
Creating an extendable JITA for a user or group
Administrators can allow users or group access to devices using just-in-time authentication.
1.
In the left pane of HP ProtectTools Administrative Console, click Device Access Manager, and
then click JITA configuration.
2.
From the devices drop-down menu, select either removable media or DVD/CD-ROM drives.
3.
Using the + button, add a user or group to the JITA configuration.
4.
Click the Enabled check box.
ENWW
Just In Time Authentication (JITA) Configuration
55