Attackers commonly target open ports on Internet-facing virtual machines (VMs), with activity ranging from port scanning to brute-force and DDoS attacks. If a brute-force attack succeeds, an attacker can compromise your VM and establish a foothold in your environment. Once inside your environment, the attacker can profit from that machine's compute or use its network access to perform lateral attacks on other networks.
One way to reduce exposure to an attack is to limit the amount of time that a port on your virtual machine is open. Ports only need to be open for a limited amount of time for you to perform management or maintenance tasks. Just-In-Time VM Access helps you control the time that the ports on your virtual machines are open. It leverages network security group (NSG) rules to enforce a secure configuration and access pattern.
Today we are excited to announce the public preview of configuring Just-In-Time VM Access from the virtual machine blade to make it even easier for you to reduce your exposure to threats.
In one simple click, a Just-In-Time VM Access policy is applied to a VM. This configures a policy that locks down the machine's RDP or SSH ports, depending on the OS of the respective VM. When an authorized user wants access to the ports for management or maintenance purposes, he or she can use Just-In-Time VM Access to request access to those ports for up to 3 hours. After 3 hours, the management ports are automatically locked down again to help reduce those ports' susceptibility to an attack.
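To see which VMs would benefit from this lock-down, the following added example (not from the original post and not Azure's own code) audits NSG inbound rules for RDP or SSH ports left open to any source. The rule data is constructed, its field names are assumed to follow the flattened NSG security rule shape, and protocol is ignored for brevity.

```python
import json

MGMT_PORTS = {22: "SSH", 3389: "RDP"}
ANY_SOURCE = {"*", "internet", "0.0.0.0/0"}

# Constructed sample: inbound rules of two hypothetical NSGs.
SAMPLE = json.loads("""
{
 "nsg-open": [
  {"name": "allow-rdp", "priority": 300, "direction": "Inbound",
   "access": "Allow", "sourceAddressPrefix": "*",
   "destinationPortRange": "3389"},
  {"name": "allow-web", "priority": 310, "direction": "Inbound",
   "access": "Allow", "sourceAddressPrefix": "*",
   "destinationPortRange": "443"}
 ],
 "nsg-locked": [
  {"name": "deny-mgmt", "priority": 1000, "direction": "Inbound",
   "access": "Deny", "sourceAddressPrefix": "*",
   "destinationPortRanges": ["22", "3389"]},
  {"name": "allow-range", "priority": 2000, "direction": "Inbound",
   "access": "Allow", "sourceAddressPrefix": "Internet",
   "destinationPortRange": "20-25"}
 ]
}
""")

def covers(rule, port):
    """True if the rule's destination port range(s) include the port."""
    ranges = list(rule.get("destinationPortRanges") or [])
    if rule.get("destinationPortRange"):
        ranges.append(rule["destinationPortRange"])
    for r in ranges:
        lo, _, hi = r.partition("-")
        if r == "*" or int(lo) <= port <= int(hi or lo):
            return True
    return False

def exposed_ports(rules):
    """Return {port: rule_name} for management ports open to any source."""
    inbound = sorted((r for r in rules if r["direction"].lower() == "inbound"),
                     key=lambda r: r["priority"])
    found = {}
    for port in MGMT_PORTS:
        for r in inbound:  # lowest priority number is evaluated first
            if covers(r, port) and r["sourceAddressPrefix"].lower() in ANY_SOURCE:
                if r["access"].lower() == "allow":
                    found[port] = r["name"]
                break  # the first matching rule decides; stop here
    return found
```

In the constructed data, `nsg-locked` reports nothing because its higher-priority deny rule matches before the broad allow range, which is the locked-down state described above.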
While configuring Just-In-Time VM Access is already available as a feature in Azure Security Center, we added it to the virtual machine experience to make it easier for you to protect your management ports from attacks while you are configuring other settings in the virtual machine blade.
To get started with Just-In-Time VM Access, you can start your free 60-day trial of Azure Security Center today. If you are currently using the Security Center Free tier, you can simply upgrade your subscription to the Standard tier to take advantage of Just-In-Time VM Access.
To learn more about Just-In-Time VM Access, visit the documentation.