Just-in-time Virtual Machine access
Date updated: 14 September 2017
Attackers commonly target cloud environments with brute force or port scanning attacks, typically against management ports like RDP and SSH that are left open to enable administrator access. Azure Security Center, in addition to detecting and alerting you to these attacks, has released a new just-in-time VM access mechanism. Just-in-time VM access, now in preview, significantly reduces your exposure to these attacks by enabling you to deny persistent access while still providing controlled, audited access to virtual machines when needed.
Based on the security policy you set, Azure Security Center will recommend that just-in-time VM access be enabled on your existing virtual machines, as well as any new ones that are created. When just-in-time VM access is enabled, Azure Security Center locks down inbound traffic to defined ports by creating network security group rules.
Learn more about the benefits of just-in-time VM access