Microsoft has announced a new managed PaaS service that will provide enterprises with secure and seamless RDP and SSH access to virtual machines directly through the Azure Portal.
Called Azure Bastion, the new service has been designed as an additional safeguard for organizations that don’t want to connect to Azure VMs over public internet connections, which can sometimes lead to security and connectivity issues.
“Azure Bastion is a new managed PaaS service that provides seamless RDP and SSH connectivity to your virtual machines over the Secure Sockets Layer (SSL). This is completed without any exposure of the public IPs on your virtual machines,” Microsoft’s Yousef Khalidi wrote in a blog post.
“Azure Bastion provisions directly in your Azure Virtual Network, providing bastion host or jump server as-a-service and integrated connectivity to all virtual machines in your virtual networking using RDP/SSH directly from and through your browser and the Azure portal experience. This can be executed with just two clicks and without the need to worry about managing network security policies.”
With Azure Bastion, users can start an RDP (Remote Desktop Protocol) or SSH (Secure Shell) remote connection directly from the Azure portal using a web browser over SSL. The service will allow users to access Azure VMs using a private IP address (see diagram below).
In a future release, Microsoft plans to integrate Azure Active Directory with Azure Bastion. The tech giant will also add seamless single sign-on capabilities, use of Azure Active Directory identities, as well as multifactor authentication to extend two-factor authentication to RDP/SSH connections.
There will also be support for RDP/SSH clients, enabling them to connect securely to Azure Virtual Machines via the Azure Bastion service.
Azure Bastion is currently available in preview.