Azure Bastion is a PaaS offering that lets you connect to Azure Virtual Machines (VM) securely over the internet using Microsoft's backbone network. The bastion host is deployed inside a virtual network and also supports peering to allow usage across the infrastructure. While providing access to the VM resources, it also eliminates the need to assign public IP to the VMs individually.
While organizations are working hard to keep their infrastructure secure and proactively block suspicious traffic to the public endpoints, Bastion host reduces the overhead of managing the security aspect of the RDP/SSH access as it is designed to withstand port scanning and zero-day exploits. Since the bastion acts as a jump-server, only authorized traffic is allowed to pass through without opening any ports to the internet.
In this hands-on lab, you'll understand the basics of the Bastion offering and configure the Bastion host using Azure Portal to RDP into a Windows VM in Azure.
Upon completion of this beginner level lab, you will be able to:
Familiarity with the following will be beneficial but is not required:
The following content can be used to fulfill the prerequisite:
Parveen is an Azure advocate with previous experience in the professional consulting services industries. He specializes in infrastructure and DevOps with a wide range of knowledge in security and access management. He is also an Azure Certified - DevOps Engineer Expert, Security Engineer, Developer Associate, Administrator Associate, CompTIA Certified - Network+, Security+, and AWS Cloud Practitioner.
Parveen enjoys writing about cloud technologies and sharing the knowledge with the community to help students upskill in the cloud.