Just-in-time (JIT) VM access for Azure Firewall is now generally available
Posted on Wednesday, August 21, 2019
Just-in-time (JIT) VM access for Azure Firewall is now generally available. Use it to secure your Azure Firewall protected environments in addition to your NSG protected environments.
JIT VM access reduces exposure to network volumetric attacks by providing controlled access to VMs only when needed, using your NSG and Azure Firewall rules.
When you enable JIT for your VMs, you create a policy that determines the ports to be protected, how long the ports are to remain open, and approved IP addresses from where these ports can be accessed. This policy helps you stay in control of what users can do when they request access.
Requests are logged in the Azure Activity Log, so you can easily monitor and audit access. The just-in-time blade also helps you quickly identify existing VMs that have JIT enabled and VMs where JIT is recommended.