Brute-force attacks commonly target management ports such as 22 (SSH) and 3389 (RDP) as a means to gain access to compute VMs. A successful attack lets the attacker take control of the VM and establish a foothold in your environment.
To prevent those attacks, we can configure what is called Just-in-Time (JIT) VM access on our VMs.
JIT is a mechanism that opens ports only for a couple of hours, so they do not need to be open at all times. JIT policies determine which ports are protected, how long the ports remain open, and the approved IP addresses from which these ports can be accessed.
Also, all requests are logged in the Azure Activity Log, so it is easy to monitor and audit access.
All you need to do is configure JIT on the VM, which is straightforward.
Once JIT is configured, you can configure all the policies from Azure Security Center.
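The following is an added example, not code from the original post or from Microsoft: a Python check that reviews a JIT policy for the three settings described above, flagging rules that accept requests from any source address, access windows longer than an assumed ceiling, and management ports that have no JIT rule. The field names follow the Azure `jitNetworkAccessPolicies` resource; the sample policy, the VM names and the `MAX_HOURS` threshold are constructed for illustration.

```python
import re

MGMT_PORTS = {22, 3389}              # management ports named in the post
MAX_HOURS = 3.0                      # assumed ceiling for one access window
OPEN_SOURCES = {"*", "0.0.0.0/0"}    # values that mean "any source address"

def duration_hours(iso):
    """Convert an ISO 8601 duration such as PT3H or PT1H30M to hours."""
    m = re.fullmatch(r"PT(?:(\d+)H)?(?:(\d+)M)?", iso or "")
    if not m or not any(m.groups()):
        raise ValueError(f"unsupported duration: {iso!r}")
    return int(m.group(1) or 0) + int(m.group(2) or 0) / 60

def audit_jit_policy(policy):
    """Return (vm, port, issue) tuples for weak rules in one JIT policy."""
    findings = []
    for vm in policy["properties"]["virtualMachines"]:
        name = vm["id"].rsplit("/", 1)[-1]
        covered = set()
        for rule in vm.get("ports", []):
            port = rule["number"]
            covered.add(port)
            # A rule carries either a single prefix or a list of prefixes.
            sources = rule.get("allowedSourceAddressPrefixes") or [
                rule.get("allowedSourceAddressPrefix", "*")]
            if OPEN_SOURCES & set(sources):
                findings.append((name, port, "any source address may request access"))
            if duration_hours(rule["maxRequestAccessDuration"]) > MAX_HOURS:
                findings.append((name, port, f"window exceeds {MAX_HOURS:g}h"))
        # A port without a JIT rule is either closed in the NSG or always open.
        for port in sorted(MGMT_PORTS - covered):
            findings.append((name, port, "no JIT rule; confirm the port is closed"))
    return findings

# Constructed sample policy (placeholder resource IDs, documentation IP ranges).
SAMPLE_POLICY = {"properties": {"virtualMachines": [
    {"id": "/subscriptions/<sub-id>/resourceGroups/rg-demo/providers/Microsoft.Compute/virtualMachines/vm-web",
     "ports": [
         {"number": 22, "protocol": "TCP", "allowedSourceAddressPrefix": "203.0.113.0/24",
          "maxRequestAccessDuration": "PT3H"},
         {"number": 3389, "protocol": "TCP", "allowedSourceAddressPrefix": "*",
          "maxRequestAccessDuration": "PT24H"}]},
    {"id": "/subscriptions/<sub-id>/resourceGroups/rg-demo/providers/Microsoft.Compute/virtualMachines/vm-db",
     "ports": [
         {"number": 22, "protocol": "TCP", "allowedSourceAddressPrefixes": ["198.51.100.7"],
          "maxRequestAccessDuration": "PT1H30M"}]}]}}

if __name__ == "__main__":
    for vm_name, port, issue in audit_jit_policy(SAMPLE_POLICY):
        print(f"{vm_name}: port {port}: {issue}")
```
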
Just-in-Time VM Access reduces the surface area you expose to RDP/SSH brute-force attacks. This feature is available in the Standard pricing tier of Azure Security Center, and you can try Security Center for free for the first 60 days. Go and try it out!