{"id":4531,"date":"2020-08-20T12:20:21","date_gmt":"2020-08-20T16:50:21","guid":{"rendered":"https:\/\/www.apps4rent.com\/blog\/?p=4531"},"modified":"2020-11-19T08:58:37","modified_gmt":"2020-11-19T13:28:37","slug":"azure-bastion","status":"publish","type":"post","link":"https:\/\/www.apps4rent.com\/blog\/azure-bastion\/","title":{"rendered":"What Is Azure Bastion?"},"content":{"rendered":"<p>Virtual machines (VM) accessed using public IPs are vulnerable to cyber-attacks especially when they are used directly in the production environment. The alternative is to use a site-to-site VPN or a dedicated virtual machine that stores public IP addresses. While neither of these solutions guarantees complete protection against cyber-attacks, they are complex to implement and manage.<\/p>\n<p>To counter these problems, Microsoft introduced a fully managed Platform as a Service (PaaS) solution provisioned in the Azure Virtual Network (VNet) for Remote Desktop Protocol (RDP)\/ Secure Shell Protocol (SSH) connectivity to Azure virtual machines called Azure Bastion. Let us understand what Azure Bastion is and how to take advantage of the solution.<\/p>\n<h2 style=\"font-size: 24px;\">What Are the Advantages of Azure Bastion?<\/h2>\n<p>With Azure Bastion, users take advantage of a managed jump-server that acts as a singular point for accessing their resources. However, unlike other solutions, users do not have to manage complex VPN deployments or use a public IP for a jump-server VM with a public IP that is exposed to the internet. Here are some of the other advantages of using Azure Bastion.<\/p>\n<ul>\n<li style=\"margin-bottom: 10px;\">Users can RDP\/SSH in the Azure Portal directly.<\/li>\n<li style=\"margin-bottom: 10px;\">Remote sessions can be accessed securely over HTML5 (HTTPS\/443).<\/li>\n<li style=\"margin-bottom: 10px;\">Public IP addresses that are directly exposed to the internet are not required for accessing Azure VMs.<\/li>\n<li style=\"margin-bottom: 10px;\">Organizations using the solution will not have to manage network security groups (NSG).<\/li>\n<li style=\"margin-bottom: 10px;\">Firewall traversal is not required for RDP\/SSH.<\/li>\n<\/ul>\n<h2 style=\"font-size: 24px;\">When to Use Azure Bastion?<\/h2>\n<p>Azure Bastion is useful for enhancing the security of Azure-based VMs. Let us take a look at some of the use cases of Azure Bastion.<\/p>\n<ul>\n<li style=\"margin-bottom: 10px;\">If you are using Azure VMs with a subscription that does not allow you to connect with a VPN or set up jump-host in Azure vNet, Azure Bastion can be a solution.<\/li>\n<li style=\"margin-bottom: 10px;\">If you have multiple admins\/ users working on the same host, setting up Azure Bastion can be more affordable than a jump-host\/ Azure terminal server.<\/li>\n<li style=\"margin-bottom: 10px;\">Azure Bastion can be an alternative for organizations that need to provide standalone VM access to users who need not be authorized to use other resources in the virtual network.<\/li>\n<li style=\"margin-bottom: 10px;\">It is an ideal solution for implementing just in time (JIT) Azure administration without deploying permanent VMs when you need to deploy a bastion host quickly for a short span.<\/li>\n<\/ul>\n<h2 style=\"font-size: 24px;\">How to Deploy Azure Bastion?<\/h2>\n<p>Azure Bastion can be deployed from the Azure Portal. The bastion host can be created using existing Azure VM settings or using PowerShell.<\/p>\n<p>Follow the steps below to add a new Azure Bastion host from the Azure portal.<\/p>\n<ul>\n<li style=\"margin-bottom: 10px;\">Access the Create a resource option either from the Azure portal menu or the homepage.<\/li>\n<li style=\"margin-bottom: 10px;\">When the new page opens, search for Bastion in the Marketplace.<\/li>\n<li style=\"margin-bottom: 10px;\">Click on the result that appears with Microsoft as the publisher in the Networking category.<\/li>\n<li style=\"margin-bottom: 10px;\">Create a bastion page and specify the resource configuration on the page that appears.<\/li>\n<li style=\"margin-bottom: 10px;\">Initiate the deployment once the validation is complete.<\/li>\n<\/ul>\n<h3 style=\"font-size: 23px;\">How to Connect with Azure Bastion?<\/h3>\n<p>You can connect to Azure Bastion from the connection pane on the Azure portal that is used for accessing your virtual machines.<\/p>\n<ul>\n<li style=\"margin-bottom: 10px;\">Click on Connect for the virtual machine that you need to access from the Azure portal.<\/li>\n<li style=\"margin-bottom: 10px;\">Select Bastion from the dropdown and then click on Use Bastion on the Connect page.<\/li>\n<li style=\"margin-bottom: 10px;\">Fill out the settings such as Name, Subnet, Public IP address, and<\/li>\n<li style=\"margin-bottom: 10px;\">Public IP address name, and validate the details.<\/li>\n<li style=\"margin-bottom: 10px;\">Type in your VM credentials and click on Connect.<\/li>\n<\/ul>\n<p>Your RDP connection to the VM that is routed through Azure Bastion will appear on your browser in the Azure portal.<\/p>\n<h3 style=\"font-size: 23px;\">Apps4Rent Can Help with Azure Bastion Deployment<\/h3>\n<p>Azure Bastion is one of the standout features of securing and simplifying access to virtual machines. It is a robust platform-native solution that eliminates the need for dedicated internet-facing hosts while simplifying Azure resource administration. <strong>As a Tier 1 Microsoft CSP<\/strong>, Apps4Rent can help you deploy and manage your Azure resources. Contact our Azure experts who are available 24\/7 via phone, chat, and email for assistance with <span style=\"color: #049ab8;\"><a style=\"color: #049ab8;\" href=\"https:\/\/www.apps4rent.com\/managed-azure.html\">Azure services<\/a><\/span>, plans, and deployments.<\/p>\n<style>.stick_popup{margin-top: -190px !important;}@media only screen and (min-width:99px) and (max-width:767px){.popup1 {display: none;}.stick_popup{width: 100% !important;margin-left: -188px !important;}}<\/style>\n<link rel=\"stylesheet\" type=\"text\/css\" href=\"https:\/\/www.clouddesktoponline.com\/blog\/wp-content\/themes\/apps4rentoffice\/popup\/stick-to-me.css\"\/><script src=\"https:\/\/www.clouddesktoponline.com\/blog\/wp-content\/themes\/apps4rentoffice\/popup\/stick-to-me.js\"><\/script><script>$(document).ready(function(){$.stickToMe({layer:'#stickLayer'});});<\/script><\/p>\n<div class=\"jquery-script-ads\" align=\"center\"><\/div>\n<div id=\"stickLayer\" style=\"display:none;max-width:1000px;height:auto; width:1000px;background:#fff;\" class=\"stick_popup\">\n<div class=\"stick_close\" onclick=\"$.stick_close()\">X<\/div>\n<div class=\"stick_content\" style=\"padding-left: 0px;padding-top: 0px;padding-bottom: 0px;\">\n<div class=\"col-md-6 popup1\" style=\"background: #0774c6;color: white;height:600px;padding:0px;\"><img decoding=\"async\" src=\"https:\/\/www.apps4rent.com\/blog\/wp-content\/uploads\/2020\/11\/apps4rent-manage-azure-services.png\"\/><\/div>\n<div class=\"col-md-6\">\n<p style=\"padding-top: 7px;color: #30508c;margin-bottom: 10px;text-align: center;line-height: 35px;font-size:30px;font-weight: 500;\">Looking for help with Azure?<br \/>\nOur Azure experts can help you.<\/p>\n\n<div class=\"wpcf7 no-js\" id=\"wpcf7-f4891-o1\" lang=\"en-US\" dir=\"ltr\" data-wpcf7-id=\"4891\">\n<div class=\"screen-reader-response\"><p role=\"status\" aria-live=\"polite\" aria-atomic=\"true\"><\/p> <ul><\/ul><\/div>\n<form action=\"\/blog\/wp-json\/wp\/v2\/posts\/4531#wpcf7-f4891-o1\" method=\"post\" class=\"wpcf7-form init\" aria-label=\"Contact form\" novalidate=\"novalidate\" data-status=\"init\">\n<fieldset class=\"hidden-fields-container\"><input type=\"hidden\" name=\"_wpcf7\" value=\"4891\" \/><input type=\"hidden\" name=\"_wpcf7_version\" value=\"6.1.5\" \/><input type=\"hidden\" name=\"_wpcf7_locale\" value=\"en_US\" \/><input type=\"hidden\" name=\"_wpcf7_unit_tag\" value=\"wpcf7-f4891-o1\" \/><input type=\"hidden\" name=\"_wpcf7_container_post\" value=\"0\" \/><input type=\"hidden\" name=\"_wpcf7_posted_data_hash\" value=\"\" \/><input type=\"hidden\" name=\"_wpcf7cf_hidden_group_fields\" value=\"[]\" \/><input type=\"hidden\" name=\"_wpcf7cf_hidden_groups\" value=\"[]\" \/><input type=\"hidden\" name=\"_wpcf7cf_visible_groups\" value=\"[]\" \/><input type=\"hidden\" name=\"_wpcf7cf_repeaters\" value=\"[]\" \/><input type=\"hidden\" name=\"_wpcf7cf_steps\" value=\"{}\" \/><input type=\"hidden\" name=\"_wpcf7cf_options\" value=\"{&quot;form_id&quot;:4891,&quot;conditions&quot;:[],&quot;settings&quot;:{&quot;animation&quot;:&quot;yes&quot;,&quot;animation_intime&quot;:200,&quot;animation_outtime&quot;:200,&quot;conditions_ui&quot;:&quot;normal&quot;,&quot;notice_dismissed&quot;:false,&quot;notice_dismissed_rollback-cf7-5.9.5&quot;:true}}\" \/>\n<\/fieldset>\n<style>.inputf{font: 16px 'Roboto !important';font-weight: normal;font-style: normal;line-height: 25px;color: #2A363F;padding: 5px 20px;font-size: 16px;border: #9d9fa0 1px solid !important;margin-bottom:20px !important;box-sizing: border-box;border-radius: 3px !important;width: 100%;}\n.cf7-style div.wpcf7-response-output{width: fit-content !important;margin: 0px;padding: 5px !important;}\n.button1 {padding: 15px 20px;font-size: 18px !important;background: #375181;font-family: sans-serif;color: #fff;border: #9dbfff 2px solid;box-shadow: none;font-weight: bold;margin-bottom:0px !important;width: 100% !important;}\n<\/style>\n<style>@media only screen and (min-width:99px) and (max-width:767px){#content{margin-left:0px auto;}.sec {width:100% !important;float: none !important;}.html input[type=\"button\"], input[type=\"reset\"], input[type=\"submit\"]{font-size:16px !important;}}\n<\/style>\n<div style=\"padding-left: 15px;padding-right: 15px;padding-top: 15px;padding-bottom: 0px;\">\n\t<div style=\"float: left;width: 100%;margin-right: 15px;\" class=\"sec\">\n\t\t<p><span class=\"wpcf7-form-control-wrap\" data-name=\"Name\"><input size=\"40\" maxlength=\"400\" class=\"wpcf7-form-control wpcf7-text wpcf7-validates-as-required inputf\" aria-required=\"true\" aria-invalid=\"false\" placeholder=\"Name*\" value=\"\" type=\"text\" name=\"Name\" \/><\/span>\n\t\t<\/p>\n\t<\/div>\n\t<div style=\"float: left;width: 100%;margin-right: 15px;\" class=\"sec\">\n\t\t<p><span class=\"wpcf7-form-control-wrap\" data-name=\"contact\"><input size=\"40\" maxlength=\"10\" minlength=\"6\" class=\"wpcf7-form-control wpcf7-tel wpcf7-validates-as-required wpcf7-text wpcf7-validates-as-tel inputf\" aria-required=\"true\" aria-invalid=\"false\" placeholder=\"Contact Number*\" value=\"\" type=\"tel\" name=\"contact\" \/><\/span>\n\t\t<\/p>\n\t<\/div>\n\t<div style=\"float: left;width: 100%;\" class=\"sec\">\n\t\t<p><span class=\"wpcf7-form-control-wrap\" data-name=\"email\"><input size=\"40\" maxlength=\"400\" class=\"wpcf7-form-control wpcf7-email wpcf7-validates-as-required wpcf7-text wpcf7-validates-as-email inputf\" aria-required=\"true\" aria-invalid=\"false\" placeholder=\"Email ID*\" value=\"\" type=\"email\" name=\"email\" \/><\/span>\n\t\t<\/p>\n\t<\/div>\n\t<div style=\"float: left;width: 100%;margin-bottom:20px;\" class=\"sec\">\n\t\t<p><span class=\"wpcf7-form-control-wrap\" data-name=\"msg\"><textarea cols=\"40\" rows=\"5\" maxlength=\"2000\" class=\"wpcf7-form-control wpcf7-textarea inputf\" aria-invalid=\"false\" placeholder=\"Message\" name=\"msg\"><\/textarea><\/span>\n\t\t<\/p>\n\t<\/div>\n\t<div>\n\t\t<p><input class=\"wpcf7-form-control wpcf7-submit has-spinner button1\" type=\"submit\" value=\"SUBMIT REQUEST\" \/>\n\t\t<\/p>\n\t<\/div>\n<\/div><p style=\"display: none !important;\" class=\"akismet-fields-container\" data-prefix=\"_wpcf7_ak_\"><label>&#916;<textarea name=\"_wpcf7_ak_hp_textarea\" cols=\"45\" rows=\"8\" maxlength=\"100\"><\/textarea><\/label><input type=\"hidden\" id=\"ak_js_1\" name=\"_wpcf7_ak_js\" value=\"11\"\/><script>document.getElementById( \"ak_js_1\" ).setAttribute( \"value\", ( new Date() ).getTime() );<\/script><\/p><div class=\"wpcf7-response-output\" aria-hidden=\"true\"><\/div>\n<\/form>\n<\/div>\n\n<\/div>\n<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>Virtual machines (VM) accessed using public IPs are vulnerable to cyber-attacks especially when they are used directly in the production environment. The alternative is to use a site-to-site VPN or a dedicated virtual machine that stores public IP addresses. While neither of these solutions guarantees complete protection against cyber-attacks, they are complex to implement and [&hellip;]<\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[545],"tags":[],"class_list":["post-4531","post","type-post","status-publish","format-standard","hentry","category-azure"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.apps4rent.com\/blog\/wp-json\/wp\/v2\/posts\/4531","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.apps4rent.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.apps4rent.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.apps4rent.com\/blog\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.apps4rent.com\/blog\/wp-json\/wp\/v2\/comments?post=4531"}],"version-history":[{"count":1,"href":"https:\/\/www.apps4rent.com\/blog\/wp-json\/wp\/v2\/posts\/4531\/revisions"}],"predecessor-version":[{"id":4971,"href":"https:\/\/www.apps4rent.com\/blog\/wp-json\/wp\/v2\/posts\/4531\/revisions\/4971"}],"wp:attachment":[{"href":"https:\/\/www.apps4rent.com\/blog\/wp-json\/wp\/v2\/media?parent=4531"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.apps4rent.com\/blog\/wp-json\/wp\/v2\/categories?post=4531"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.apps4rent.com\/blog\/wp-json\/wp\/v2\/tags?post=4531"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}