As someone who is in the IT field, I tend to use VMs a lot for many reasons, could it be for security or remote connectivity.
But, Azure has made a very useful service that will make sure our access to the Azure Virtual Machines is secured and seamless. This service is called Azure Bastion, and that will be the subject of my article today!
What is an Azure Bastion Host and how does it work?
Azure Bastion, as I said before, is a fully managed service, created by Azure, that plays the role of the bodyguard when trying to access Azure Virtual Machines.
Its technology is based on providing a secured and seamless Remote Desktop Protocol (RDP) and Secure Shell (SSH) access to the VMs. It’s also a great tool as it gives the user the possibility to browse the web without the need to install additional software or browser plugins.
To understand better how it works, let’s put you in a situation. Imagine yourself using a VM, and while you were searching for the best way to secure your connection, you came across Azure Bastion.
Once you connect to your VM through Azure Bastion, you see that the service created the connection directly over a secure WebSocket, and among additional research, you will find that it is encrypted end-to-end.
The connection is then routed through Azure Bastion and the VM's RDP or SSH session appears in the Azure portal.
What are the main use cases of the Azure Bastion?
Azure Bastion has so many use cases, I will try and summarise them as follows:
Azure Bastion Host: What are the key features and pricing?
Azure Bastion Key Feature
The key features of Azure Bastion are several, but I will tell you about the important ones that make it a secure and convenient tool:
A secure Remote Access:
Azure Bastion provides a secured and seamless Remote Desktop Protocol (RDP) and Secure Shell (SSH) access to the VMs, so it protects you from any danger coming from the public internet.
Azure Active Directory Integration:
This is the tool used to provide Multi-Factor Authentication for an additional security layer.
to protect the data in transit, and ensure that the connection is secured from all the devices connected to the VM.
by supporting Windows and Linux VMs, and RDP and SSH protocols.
Azure Bastion is very well managed, which helps the customer to know and scale their uses of each service.
Azure Bastion Pricing
For the pricing of Azure Bastion, it’s subject to change, so we recommend to check constantly the official website for any updates.
But, for now, Azure Bastion offers its services at the starting price of $0.19 per hourly (as it follows an hourly bailing than a monthly one), and also with that it comes a free first 5GB a month.
I would like to add that you can pay more if you want additional services, like more storage among other services.
How to configure Azure Bastion and use it for remote access to virtual machines?
Azure Bastion Configuration Process
To make sure that your configuration was successful, follow these steps:
First, you will need to have an Azure account, with an active subscription, and to create a VM on one of the virtual networks.
Second, you will need to create a new Azure Bastion resource in the Azure portal. That can be done by going to the Azure Bastion service page, and clicking on “Add”.
Then fill in the required information, which is normally the type of subscription, resource group, and region where you want to create the Azure Bastion resource.
After that, you will have to select the virtual network where all the VMs are located, so you can access them through Azure Bastion.
Configure the networking settings for Azure Bastion, such as the subnet and public IP address.
Azure Bastion Usage
Now that your Azure Bastion resource is created, let me show you how to use it:
First, access it from the Azure portal the same way you did when creating it, but now you will have to click on the resource.
Then connect to your VM of choice using Azure Bastion, and that by going to the VM’s page and clicking on “Connect”.
Select the “RDP” or “SSH” option, and enter your credentials. That will tell Azure Bastion to create the secured connection to the VM and to display the RDP or SSH session in the Azure portal.
What are the advantages and drawbacks of Azure Bastion?
Azure Bastion Advantages
With everything being said, Azure Bastion is truly a lifesaver, but also it’s not a perfect tool, so let’s start talking briefly about its advantages:
Azure Bastion Drawbacks
Now for the drawbacks, and that’s where we will need to talk:
Tips on how to get the most out of Azure Bastion capabilities
To make it short, I will give you 3 tips on how to use Azure Bastion:
Real-world examples of businesses that are already taking advantage of Azure Bastion
Even though Azure Bastion is a relatively new technology and tool, many industries have adopted it already into their system, like:
As for now, Azure Bastion is considered one of the most important services made by Azure to protect your VMs. Developers now can use their VMs and be confident that they are safe, as I said before, Azure Bastion is your bodyguard, preventing any danger from reaching you.
Azure is working on minimizing their cons and improving their service, to make your experience more seamless and prevent any cyberattack among others.