Harden your Azure infrastructure using Azure Security Center Just-in-Time VM Access

In many customers' Azure environments you might find virtual machines that act as RDP jump hosts for external access to Azure VNets, whether for contractor support access or because of inexperience. Whatever the reason is, it is insecure in many ways.

Just-in-Time Access enables customers to lock down their Azure VMs in order to reduce attack surface and exposure while keeping the ability to remotely access VMs when needed. JIT is available in the Standard tier of Azure Security Center and only supports VMs that have been deployed through Azure Resource Manager. Technically, JIT adds inbound deny rules to a VM's NSG so that access to the configured ports is blocked. When access is requested, a new allow rule with a lower priority number (which the NSG therefore evaluates first) is added to the NSG, so access is granted for a given time and a given source IP (or a pre-defined IP range).

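To make the NSG mechanics concrete, here is an added example (not Azure code and not part of the original post) that simulates how an NSG evaluates an inbound RDP connection under JIT: rules are checked in ascending priority number, the JIT deny rule blocks the port for everyone, and an approved request adds a time-bound allow rule for one source address that wins because of its lower priority number. The rule names, priority values, IP addresses and the 3-hour window are constructed for the illustration.

```python
"""Constructed simulation of JIT-style NSG rule evaluation (not Azure's code)."""
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from ipaddress import ip_address, ip_network
from typing import List, Optional


@dataclass
class Rule:
    name: str
    priority: int                      # lower number = evaluated first
    access: str                        # "Allow" or "Deny"
    port: int
    source: str                        # CIDR prefix or "*" for any source
    expires: Optional[datetime] = None  # JIT allow rules are time-bound


def matches(rule: Rule, src_ip: str, port: int, now: datetime) -> bool:
    """A rule matches only while unexpired, on the same port, from its source."""
    if rule.expires is not None and now >= rule.expires:
        return False
    if rule.port != port:
        return False
    return rule.source == "*" or ip_address(src_ip) in ip_network(rule.source)


def evaluate(rules: List[Rule], src_ip: str, port: int, now: datetime) -> str:
    """First matching rule in priority order decides; nothing matching = Deny."""
    for rule in sorted(rules, key=lambda r: r.priority):
        if matches(rule, src_ip, port, now):
            return rule.access
    return "Deny"


def jit_baseline(port: int = 3389) -> List[Rule]:
    """JIT-enabled state: the managed port is denied from any source."""
    return [Rule("JIT-Deny-RDP", 1000, "Deny", port, "*")]


def request_access(rules, requester_ip, port, now, hours=3) -> List[Rule]:
    """Approved request: add an allow rule that outranks the deny rule."""
    allow = Rule("JIT-Allow-RDP", 100, "Allow", port, f"{requester_ip}/32",
                 expires=now + timedelta(hours=hours))
    return rules + [allow]


T0 = datetime(2024, 1, 1, 9, 0, tzinfo=timezone.utc)  # constructed request time


def demo():
    rules = jit_baseline()
    before = evaluate(rules, "203.0.113.10", 3389, T0)
    rules = request_access(rules, "203.0.113.10", 3389, T0)
    during = evaluate(rules, "203.0.113.10", 3389, T0 + timedelta(hours=1))
    other = evaluate(rules, "198.51.100.7", 3389, T0 + timedelta(hours=1))
    after = evaluate(rules, "203.0.113.10", 3389, T0 + timedelta(hours=4))
    return before, during, other, after
```

The requester is allowed only inside the window, a different source stays blocked throughout, and once the window has passed the deny rule applies again.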