Fully managed service that helps secure remote access to your virtual machines.
Protect your virtual machines with more secure remote access
Azure Bastion is a fully managed service that provides more secure and seamless Remote Desktop Protocol (RDP) and Secure Shell Protocol (SSH) access to virtual machines (VMs) without any exposure through public IP addresses. Provision the service directly in your local or peered virtual network to get support for all the VMs within it.
Direct connection for RDP and SSH sessions in the Azure Portal with a single click
Support without the need for an agent in your VM or additional software on your browser
Integration of existing firewalls and security perimeters using a modern HTML5-based web client and standard SSL ports
Scalability to manage additional concurrent SSH and RDP connections
Limit public exposure of virtual machine IPs
Protect against zero-day exploits
Deploy in a few clicks
Connect more securely from anywhere and on any device
Comprehensive security and compliance, built in
Microsoft invests more than USD 1 billion annually on cybersecurity research and development.
We employ more than 3,500 security experts who are dedicated to data security and privacy.
Learn more about Azure Bastion pricing
Using a Bastion is more cost-effective than manually deploying your own jump box. It’s charged on a fixed per-hour basis, plus charges for outbound data transfers.
Get started with an Azure free account
Start free. Get USD 200 credit to use within 30 days. While you have your credit, get free amounts of many of our most popular services, plus free amounts of 55+ other services that are always free.
After your credit, move to pay as you go to keep building with the same free services. Pay only if you use more than your free monthly amounts.
After 12 months, you'll keep getting 55+ always-free services—and still pay only for what you use beyond your free monthly amounts.
Trusted by companies of all sizes
Metinvest lays foundations for long-term growth
Global manufacturer Metinvest needed a more scalable infrastructure, so it migrated to Azure. The company now benefits from top-notch security, including Azure Bastion as an essential solution to ensure more secure access to services in VMs.
Azure Bastion resources and documentation
Explore learning paths and modules
Start with the Introduction to Azure Bastion learning module.
Learn to connect to virtual machines through the Azure portal using Azure Bastion.
Frequently asked questions about Azure Bastion
No, you don’t need a client to access the RDP/SSH connection to your Azure Virtual Machine. Use the Azure portal for RDP/SSH access to your virtual machine directly in the browser.
No, you don't need to install an agent on your browser or your Azure Virtual Machine. Azure Bastion is agentless and does not require any additional software for RDP/SSH.
Use the Microsoft Edge browser for Windows, Google Chrome for Windows and Mac, or Microsoft Edge Chromium for Windows and Mac.
Azure Bastion is available in any of these regions via the Azure portal:
- West US
- East US
- West Europe
- South Central US
- Australia East
- Japan East
Azure Bastion standard (preview) SKU offers key capabilities for enterprises, unblocking critical customer scenarios.
The new Azure Bastion standard (preview) SKU includes these features:
Azure Bastion supports manual scaling of the virtual machine (VM) instances that facilitate Bastion host connectivity. Configure between two and 50 instances to manage the number of concurrent SSH and RDP sessions.
Azure Bastion supports enabling and disabling features accessed by the Bastion host. Upgrade from basic to standard SKU, configure access to IP-based connection, and manage VM manual scaling.