Trace Id is missing
Skip to main content

Azure Bastion

Fully managed service that helps secure remote access to your virtual machines.

Protect your virtual machines with more secure remote access

Azure Bastion is a fully managed service that provides more secure and seamless Remote Desktop Protocol (RDP) and Secure Shell Protocol (SSH) access to virtual machines (VMs) without any exposure through public IP addresses. Provision the service directly in your local or peered virtual network to get support for all the VMs within it.

Direct connection for RDP and SSH sessions in the Azure Portal with a single click

Support without the need for an agent in your VM or additional software on your browser

Integration of existing firewalls and security perimeters using a modern HTML5-based web client and standard SSL ports

Scalability to manage additional concurrent SSH and RDP connections

Limit public exposure of virtual machine IPs

Access all virtual machines within a local or peered virtual network through a single hardened access point. No public IP address is required on your VMs—using a Bastion host lets you open a more secure RDP/SSH connection using a private IP address.

A person using a touchscreen device

Protect against zero-day exploits

Use a Bastion host to help limit threats such as port scanning and other types of malware targeting your VMs. Because the host sits at the perimeter of your virtual network, you don’t need to worry about hardening each of your VMs.

Deploy in a few clicks

Azure Bastion provides an integrated platform alternative to manually deploying and managing jump servers to shield your virtual machines. Deploy the Bastion host in just a few clicks to get up and running quickly. The service will begin setting up network security groups (ACLs) across your subnets to keep the IT secure.

A person working on a computer.

Connect more securely from anywhere and on any device

Connect to your virtual machines in your local and peered virtual networks over SSL, port 443, directly in the Azure portal. This clientless Remote Desktop Protocol (RDP) and Secure Shell Protocol (SSH) connectivity enables you to connect from anywhere—on any device or platform—without an additional agent running in your virtual machines.

Comprehensive security and compliance, built in

Get started with an Azure free account

1

Start free. Get USD200 credit to use within 30 days. While you have your credit, get free amounts of many of our most popular services, plus free amounts of 55+ other services that are always free.

2

After your credit, move to pay as you go to keep building with the same free services. Pay only if you use more than your free monthly amounts.

3

After 12 months, you'll keep getting 55+ always-free services—and still pay only for what you use beyond your free monthly amounts.

Trusted by companies of all sizes

Metinvest lays foundations for long-term growth

Global manufacturer Metinvest needed a more scalable infrastructure, so it migrated to Azure. The company now benefits from top-notch security, including Azure Bastion as an essential solution to ensure more secure access to services in VMs.

Back to tabs

Azure Bastion resources and documentation

Get started

Frequently asked questions about Azure Bastion

  • No, you don’t need a client to access the RDP/SSH connection to your Azure Virtual Machine. Use the Azure portal for RDP/SSH access to your virtual machine directly in the browser.

  • No, you don't need to install an agent on your browser or your Azure Virtual Machine. Azure Bastion is agentless and does not require any additional software for RDP/SSH.

  • Use the Microsoft Edge browser for Windows, Google Chrome for Windows and Mac, or Microsoft Edge Chromium for Windows and Mac.

  • Azure Bastion is available in any of these regions via the Azure portal:

    • West US
    • East US
    • West Europe
    • South Central US
    • Australia East
    • Japan East

  • Azure Bastion standard (preview) SKU offers key capabilities for enterprises, unblocking critical customer scenarios.

    The new Azure Bastion standard (preview) SKU includes these features:

    Manual scaling

    Azure Bastion supports manual scaling of the virtual machine (VM) instances that facilitate Bastion host connectivity. Configure between two and 50 instances to manage the number of concurrent SSH and RDP sessions.

    Admin panel

    Azure Bastion supports enabling and disabling features accessed by the Bastion host. Upgrade from basic to standard SKU, configure access to IP-based connection, and manage VM manual scaling.

Ready when you are—let's set up your Azure free account