Microsoft makes public preview of Azure Bastion available

Microsoft has unveiled a new service called Azure Bastion, which should provide secure access to off-Internet virtual machines. Azure Bastion is now available as a public preview.

Bastion hosts are computers on networks specifically designed to withstand attacks. Microsoft’s latest Azure service lends that name, because it has the same purpose, writes ZDNet. Microsoft itself says that it worked with “hundreds” of customers before the preview was launched.

Those customers wanted an easy way to deploy jump servers or bastion hosts, running and scaling within the Azure infrastructure. With Azure Bastion, exactly that should be possible, according to the company.

Azure Bastion

Azure Bastion is a new, managed PaaS service that provides seamless RDP and SSH connectivity for virtual machines via the Secure Sockets Layer (SSL). The service achieves this without displaying public IPs on the virtual machines. The facilities of Azure Bastion are located directly in the Azure Virtual Network. This allows users to start Remote Desktop Protocol (RDP) and SSH sessions directly from the Azure portal.

It is also possible to deploy, run and scale jump servers or bastion hosts via the browser and the Azure portal. A public IP is therefore not required, so that the infrastructure does not end up too much on the Internet.

Users don’t have to worry about managing security policies for the network. Azure Bastion supplies, among other things, reinforced protection against external port scanning.

Future

Microsoft wants to expand Azure Bastion even further with other security features in the future. For example, the company wants to add an Azure Active Directory integration for single sign-on and Multi-Factor Authentication for RDP and SSH connections. However, it is not yet known when this will happen. The company is also working on adding support for native RDP and SSH clients.