Bastion

BastionLast Updated:  14th August 2023

Bastion

Introduction

Azure Bastion is a fully managed PaaS service that offers secure and seamless RDP (Remote Desktop Protocol) and SSH (Secure Shell) access to virtual machines. It provides an integrated and browser-based connection experience that eliminates the need for public IP addresses on virtual machines, reducing exposure to security risks.

Detailed Information

Core Functionality:

  • Secure RDP and SSH Connections: Enables secure and seamless RDP and SSH connectivity to virtual machines through the Azure portal over SSL.
  • Integrated with Azure Portal: Allows users to connect directly from the Azure portal using a web browser without the need for additional client software or external tools.
  • No Public IP Requirement: Removes the need to expose the virtual machines to the public Internet, thus enhancing security.

Advanced Features:

  • Multi-Factor Authentication (MFA): Integrates with Entra ID, allowing additional security layers such as Multi-Factor Authentication.
  • Entra ID Integration: Leverages Entra ID identities and provides Entra ID-based authentication for RDP/SSH.
  • Session Recording: Offers optional recording and auditing of RDP and SSH sessions for compliance.
  • Scalability and Availability: Built on Azure's scalable and resilient infrastructure, ensuring high availability across regions.

Pricing

Azure Bastion is a paid service, and its pricing is based on the number of hours of connectivity and the amount of data transferred. Different pricing options are available based on regions and specific needs, with detailed pricing information available on the Azure pricing page.

Related

  • Virtual Networks: Azure Bastion is deployed within a virtual network, providing connectivity to all VMs within that network.
  • Defender for Cloud: Offers integration for monitoring and ensuring security compliance.
  • Entra ID: For identity management and access control, tightly integrated with Azure Bastion.

Conclusion

Azure Bastion enhances the security and usability of remote access to Azure virtual machines. By delivering seamless RDP and SSH connectivity directly through the Azure portal, and incorporating robust features such as MFA and session recording, it plays a critical role in modern cloud security strategies.

If your organisation requires streamlined and secure remote access solutions without compromising on functionality, Azure Bastion could be an essential addition to your Azure infrastructure. Our team is on hand to discuss your specific needs and assist in implementing a solution that aligns with your security and operational objectives.