Privileged Access Management (PAM) Jump Server
Apache Guacamole Implementation
Spearheaded the evaluation and deployment of a secure jump server by building a proof-of-concept with Apache Guacamole when the corporate-standard Cisco ISE solution was deemed too complex and costly.
Client
Luxottica
Completion
2 months
Category
Security & Compliance
Situation
To meet stringent IT audit requirements, the team was tasked with implementing a Privileged Access Workstation (PAW) solution. The initial proposal involved the corporate-standard Cisco ISE, which was quickly deemed overly complex, expensive, and logistically challenging.
Task
Research, validate, and propose a practical and secure alternative that would meet all audit requirements (including session recording) while being more cost-effective and easier to implement.
Action
→Researched and identified Apache Guacamole as a viable alternative
→Built a fully functional POC on an Ubuntu VM with Docker containers
→Demonstrated secure, web-based access via SSH, RDP, and VNC protocols
→Integrated LDAP for centralized user management and session recording
Results
✓Convinced the team and leadership to pivot from the complex Cisco ISE solution
✓Provided a clear and immediate path to audit compliance for privileged access
✓Demonstrated a model for rapid, proactive problem-solving