Features by platform

Support for Advanced Server Access features varies by platform. Your server's platform determines which of the following features are available and how they're implemented:

  • Auto-enrollment - The process of enrolling virtual machines that you created in an environment with your Advanced Server Access team.
  • Public network detection - The method of setting a concrete IP address for your team's servers.
  • Cloned server detection - The method of differentiating between new servers that are cloned from existing servers (also known as deduplication).
  • Private network detection - Whether the private network the server belongs to is automatically detected.
Platform Auto-enrollment Public network detection

Private network detection

Cloned server detection
Amazon Web Services (AWS) Servers automatically enroll using an AWS account retrieved from EC2 Metadata Service and correlated with Advanced Server Access platform configurations. In the absence of an explicit configuration in the agent's sftd.yaml file with either AccessAddress or AccessInterface, the EC2 VPC ID and their associated IP addresses are collected by the Agent from EC2 Metadata and provided to the Advanced Server Access platform. This means that when a SSH/RDP hop to a target server occurs from an SSH bastion, Advanced Server Access can use the VPC IP, specifically. Yes Yes
Google Cloud Provider (GCP) Servers automatically enroll using a GCP account retrieved from metadata and correlated with Advanced Server Access platform configurations. Must be either explicitly configured or selected by heuristic. Yes Yes
Microsoft Azure No Must be either explicitly configured or selected by heuristic. Yes Cloned virtual machines are deduplicated using VMID. If the VMID is changed by an action, we will detect it as a new machine. If the VMID is the same, it is considered as the same machine.
Other cloud providers and on-premises No Must be either explicitly configured or selected by heuristic. No N/A

See also