Secure login to remote app

%3CLINGO-SUB%20id%3D%22lingo-sub-1716057%22%20slang%3D%22en-US%22%3EVPN%20to%20remote%20app%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1716057%22%20slang%3D%22en-US%22%3E%3CP%3EHi%2C%3C%2FP%3E%3CP%3EI've%20deployed%20a%20remote%20app%20in%20a%20Virtual%20Machine%20in%20Azure%2C%20which%20connects%20to%20an%20Azure%20database.%3C%2FP%3E%3CP%3EUsers%20of%20the%20app%20have%20no%20'onprem'%20-%20they%20are%20independent%20service%20providers%20under%20short%20contracts.%20At%20the%20moment%20I%20direct%20users%20to%20aka.ms%2Fwvdarmweb%20where%20they%20sign%20in.%3C%2FP%3E%3CP%3EBut%20these%20users%20are%20now%20entering%20sensitive%20data%2C%20and%20I%20feel%20that%20their%20connections%20should%20be%20more%20secure.%20Should%20they%20each%20be%20using%20a%20VPN%20to%20signin%2C%20or%20are%20there%20other%20options%3F%20Bastion%3F%3C%2FP%3E%3CP%3E%26nbsp%3BAny%20suggestions%20or%20pointers%20appreciated.%3C%2FP%3E%3CP%3EThanks%2C%3C%2FP%3E%3CP%3EJack%3C%2FP%3E%3C%2FLINGO-BODY%3E
New Contributor

Hi,

How do I secure the user's initial login to azure? At the moment it seems quite exposed.

 

I've deployed a remote app in a Virtual Machine in Azure, which connects to an Azure database.

Users of the app have no 'onprem' - they are independent service providers under short contracts. At the moment I direct users to aka.ms/wvdarmweb where they sign in.


This is what I see in the latest announcement, which seems to address this issue, but I can find no further information:

"Direct RDP to session host: We are introducing a new capability that can be set at a host pool level and will take into account the type of network you are connecting from, and when possible, establish a direct peer-to-peer UDP connection to the session host rather than over the internal Windows Virtual Desktop gateways. By eliminating the intermediate hops and using a more efficient connection over a trusted network, you get a secure optimized experience with lesser connection latency and better performance."

 

Any pointers appreciated.

Thanks,

Jack

0 Replies