Just-in-time (JIT) VM access for Azure Firewall is now generally available
Published date: 21 August, 2019
Just-in-time (JIT) VM access for Azure Firewall is now generally available. Use it to secure your Azure Firewall protected environments, in addition to your NSG-protected environments.
JIT VM access reduces exposure to network volumetric attacks by only providing controlled access to VMs when needed, using your NSG and Azure Firewall rules.
When you enable JIT for your VMs, you create a policy that determines the ports to be protected, how long the ports are to remain open and approved IP addresses from where these ports can be accessed. This policy helps you stay in control of what users can do when they request access.
Requests are logged in the Azure Activity Log, so you can easily monitor and audit access. The just-in-time blade also helps you quickly identify existing VMs that have JIT enabled and VMs where JIT is recommended.