Securing the access and administration of IT services using jumping
As mentioned in the post "Best practice network design" (which you can read here), one of the tools a network administrator is required to have to securely manage servers is a jump server. A jump server is installed in a partitioned section of the network and access is provided to this server using a policy based network path. The jump server is then the only network device that has network level access to the administrative consoles of servers. This prevents these consoles from being accessible to anyone on the internal network were only application level access is provided. Administrators gain access to the jump server using signed certificates which provides a high level of trust and authentication. The normal server challenge methods are then also applied on the server consoles.
Read about recommendations on what software to use for a jump server here.