No Result
View All Result
Simon Angling
  • Home
  • About Me
  • Cyber Security
  • Productivity
  • Blog
    • Cyber Security
    • Design
    • Education
    • Learning Out Loud
    • Microsoft
    • Productivity
    • Technology
  • Contact Me
Simon Angling
  • Home
  • About Me
  • Cyber Security
  • Productivity
  • Blog
    • Cyber Security
    • Design
    • Education
    • Learning Out Loud
    • Microsoft
    • Productivity
    • Technology
  • Contact Me
No Result
View All Result
Simon Angling
No Result
View All Result
Home Learning Out Loud

Implementing Just-in-time VM Access in Azure Security Center

Simon Angling by Simon Angling
February 7, 2020 - Updated on February 9, 2020
in Learning Out Loud, Technology

Following on from A Quick Look at Azure Just-in-Time Virtual Machine Access (JIT), I promised to cover the implementation of JIT.

In this post, I will focus on configuring JIT access within the Azure Security Center.

Remember that JIT is only available with Security Center Standard Tier. You can compare the Free Tier and Standard Tier on the Security Center pricing page.

Configuring JIT access within the Azure Security Center

Open the Security Center dashboard and select Just in time VM access under Advance Cloud Defence in the left-hand menu.

The  Just in time VM access panel will show your virtual machines under three tabs. Configured, Recommended and No recommendations.

The Configured tab, as shown above, shows servers that are already configured with JIT.

The third tab, No recommendation, shows VMs that JIT is not available for – either they are Classic VMs, have no associated NSG, or JIT policy is turned off on their scope.

The Recommend tab, below, shows servers that JIT can (and probably should) be turned on for. Simply select the servers you wish to configure and click Enable JIT which will bring up the JIT VM Access configuration panel.

From the JIT VM access configuration panel one could just press save and move on (especially if you’re feeling lazy) – and often one will. This will enable JIT with the default ports recommended by Azure Security Center:

  • 22 – SSH
  • 3389 – RDP
  • 5985 – WinRM
  • 5986 – WinRM

However, if you wish to add a rule for another port, you can click Add, or if you wish to edit one of the standard ports then click it to open the Add port configuration panel.

As seen above, whether adding or editing, in the Add port configuration panel you can specify the port, protocol, which IP address can connect as well as the maximum connection time.

Requesting JIT access via Security Center

Under the configured tab you can select the VMs you wish to grant access to and then click Request access

The Request access window will open:

Under Request access, for the requested VMs you can configure the ports that you want to open by selecting On. You will then specify the IP address or range from which the port will be accessible and how long the port will be open.

My IP is the IP address of the user requesting access and automatically filled. IP Range needs to be added as a single IP address or a CIDR range such as 192.168.0.0/24.

Next up tomorrow, we will look at the same process but directly from the VM page.

This post is part of my Learning out Loud series. You can read more about Learning out Loud and how it came about here: https://simonangling.com/learning-out-loud/

Related

Tags: AzureJITLearning Out LoudSecurity
Previous Post

Office 365 available free for South African youth!

Next Post

Implementing Just-in-time VM Access in VM page

Next Post

Implementing Just-in-time VM Access in VM page

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Popular Posts

GTD and InBox Zero with Microsoft Outlook

Microsoft Defender Products and Licensing Demystified

Implementing Just-in-time VM Access in Azure Security Center

Defender for Endpoint for Servers vs Defender for Cloud Server

Free Data Ingestion into Microsoft Sentinel Explained

Increasing upload_max_size in php.ini with Azure Web Apps

What is Security Orchestration, Automation, and Response (SOAR)

Azure Front Door Vanilla, Standard and Premium

What is Zero Trust, and how Microsoft implements it

Microsoft Cybersecurity Reference Architectures (MCRA) Updated

Categories

  • Africa Overland
  • Archive
  • Asides
  • Cyber Security
  • Design
  • Education
  • Learning Out Loud
  • Microsoft
  • Personal
  • Productivity
  • Quotes
  • South Africa
  • Technology
  • Web Development
  • Privacy Policy
  • Cookie Policy

© 2024 Simon Angling

No Result
View All Result
  • Home
  • About Me
  • Cyber Security
  • Productivity
  • Blog
    • Cyber Security
    • Design
    • Education
    • Learning Out Loud
    • Microsoft
    • Productivity
    • Technology
  • Contact Me

© 2024 Simon Angling