EricStarker
Former Employee
Aug 16, 2017

Announcing the Just-In-Time VM Access public preview

Attackers commonly target cloud environments with Brute Force or Port Scanning attacks, typically against management ports like RDP and SSH that are left open to enable administrator access. In addition to detecting and alerting you to these attacks, Azure Security Center just released a new Just-In-Time (JIT) VM Access mechanism. JIT VM Access, now in public preview, significantly reduces your exposure to these attacks by enabling you to deny persistent access while providing controlled, audited access to VMs when needed.

Based on the security policy you set, Azure Security Center can recommend that JIT Access be enabled on your existing VMs and any new ones that are created. When JIT VM Access is enabled, Azure Security Center locks down inbound traffic to defined ports by creating Network Security Group rule(s). You can request access to the VM when needed, which opens the needed port for an approved amount of time, from approved IP addresses, and only for users with proper permissions. Requests are logged in the Azure Activity Log, so you can easily monitor and audit access. You can also enable JIT VM Access, configure policies and request access through PowerShell cmdlets.

Read more about it in the Azure blog.
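
An added example, not part of the original post and not Azure Security Center's own code: a Python check for the persistent exposure that JIT VM Access is meant to remove, that is, inbound Network Security Group rules that leave SSH or RDP reachable from any source. The flattened rule dictionaries, rule names, priorities and IP addresses are constructed for illustration; the field names follow Azure NSG rule properties.

```python
MGMT_PORTS = {22: "SSH", 3389: "RDP"}
ANY_SOURCE = {"*", "internet", "0.0.0.0/0"}

def port_in(spec, port):
    """True if a port spec ('*', '22' or '3000-4000') covers the port."""
    if spec == "*":
        return True
    lo, _, hi = spec.partition("-")
    return int(lo) <= port <= int(hi or lo)

def exposed_mgmt_ports(rules):
    """Return {port: rule_name} for management ports any source can reach.

    Rules are evaluated in ascending priority and the first match decides;
    with no match, the NSG default DenyAllInBound rule applies. Rules scoped
    to a specific source prefix are skipped: an allow for one approved IP
    (what a JIT request produces) is not persistent exposure.
    """
    candidates = sorted(
        (r for r in rules
         if r["direction"].lower() == "inbound"
         and r["protocol"].lower() in ("*", "tcp")
         and r["sourceAddressPrefix"].lower() in ANY_SOURCE),
        key=lambda r: r["priority"])
    findings = {}
    for port in MGMT_PORTS:
        for r in candidates:
            if port_in(r["destinationPortRange"], port):
                if r["access"].lower() == "allow":
                    findings[port] = r["name"]
                break  # first matching rule decides
    return findings

def rule(name, priority, access, source, ports, protocol="Tcp"):
    """Build one constructed inbound rule (hypothetical helper)."""
    return {"name": name, "priority": priority, "direction": "Inbound",
            "access": access, "protocol": protocol,
            "sourceAddressPrefix": source, "destinationPortRange": ports}

# Constructed sample: management ports left open to everyone.
BEFORE_JIT = [rule("allow-rdp", 300, "Allow", "*", "3389"),
              rule("allow-range", 310, "Allow", "Internet", "20-25"),
              rule("allow-https", 320, "Allow", "*", "443")]

# Constructed sample: deny rules on the management ports, plus one
# allow limited to a single approved address.
AFTER_JIT = [rule("approved-ssh", 100, "Allow", "203.0.113.10", "22"),
             rule("deny-ssh", 1000, "Deny", "*", "22"),
             rule("deny-rdp", 1001, "Deny", "*", "3389"),
             rule("allow-range", 4000, "Allow", "Internet", "20-25")]

if __name__ == "__main__":
    print("before:", exposed_mgmt_ports(BEFORE_JIT))
    print("after: ", exposed_mgmt_ports(AFTER_JIT))
```

In the second rule set the leftover `allow-range` rule still covers port 22, but the higher-priority deny shadows it, so nothing is reported.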
