The term local means on the same host (machine) and running as the same user. For example, this means that local JMX access is possible only if the JVM you want to access is running on the same host and as the same user as the user who is running a JMX client such as JConsole (or a different user with sufficient file system permissions). In order to allow other users to access the JVM, or to allow access from other hosts, remote JMX must be enabled.

Local JMX management and monitoring are enabled by default on platforms that support JMX.

Remote JMX management and monitoring is a powerful Java feature, allowing you to monitor a specific JVM from a remote location. Enabling remote JMX requires explicit actions by the JVM administrator, since it may involve exposing sensitive information about your system.

The most common way to enable remote JMX access to your JVM is to specify a TCP/IP port number and some basic security settings when you start the JVM. The security settings commonly include authentication and SSL (Secure Socket Layer). attempts to use the JVM's built-in platform MBean server. For a list of current command line options (system properties) and their meanings, refer to the table in the Java SE Monitoring and Management Guide at http://docs.oracle.com/javase/7/docs/technotes/guides/management/agent.html#gdeum .

The following topics describe ways to enable and disable remote JMX access.