Azure Bastion or RDP?

How do you normally connect to your Azure Virtual Machines?

Normally, users connect to their Virtual Machines from the Azure portal using an RDP session, which requires opening port 3389 in your NSG.

What other options for connecting to Virtual Machines have been introduced recently?

The Azure Bastion service is a new feature in the Azure portal.

Let me explain a little more about it.

What is it?

Azure Bastion is a service deployed into a Virtual Network that lets you connect to your Virtual Machines using either your internet browser or the Azure portal. It provides secure RDP/SSH connectivity to your VM without the need to assign a public IP address, which stops your VM from exposing the normal RDP port (3389) to the outside world.

Azure Bastion key benefits:

  • RDP and SSH directly in Azure portal
  • No Public IP required on the Azure VM
  • No hassle of managing Network Security Groups (NSGs)
  • Protection against port scanning
  • Host scaling

So to sum up, Azure Bastion or RDP?

RDP:

  • Public IP address and port 3389 needed
  • Less secure
  • NSG configuration needed

Azure Bastion:

  • More secure
  • No NSG configuration needed
  • No ports or Public IPs needed
  • Only one needed per Subscription
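To check whether an NSG still has the RDP setup described above (port 3389, or SSH on 22, open to the internet), here is an added example, not part of the original post, that walks a rule list in priority order the way an NSG does. The sample rules are constructed and use the field names that `az network nsg show` emits; the function names are assumptions of this example.

```python
MGMT_PORTS = {3389: "RDP", 22: "SSH"}
INTERNET = {"*", "internet", "0.0.0.0/0"}  # source values that mean "anyone"

def _values(rule, single, plural):
    """A rule holds either one value or a list; return both as one list."""
    vals = list(rule.get(plural) or [])
    return vals + [rule[single]] if rule.get(single) else vals

def _covers(spec, port):
    """True if a port spec ('*', '3389', '3000-4000') includes port."""
    if spec == "*":
        return True
    low, _, high = spec.partition("-")
    return int(low) <= port <= int(high or low)

def _matches(rule, port):
    """Inbound TCP rule, open to the whole internet, covering port."""
    sources = _values(rule, "sourceAddressPrefix", "sourceAddressPrefixes")
    ports = _values(rule, "destinationPortRange", "destinationPortRanges")
    return (rule["direction"].lower() == "inbound"
            and rule["protocol"].lower() in ("tcp", "*")
            and any(s.lower() in INTERNET for s in sources)
            and any(_covers(p, port) for p in ports))

def exposed_mgmt_ports(rules):
    """Return (rule name, service) pairs where the first match by priority is Allow."""
    findings = []
    for port, service in MGMT_PORTS.items():
        for rule in sorted(rules, key=lambda r: r["priority"]):
            if _matches(rule, port):
                if rule["access"].lower() == "allow":
                    findings.append((rule["name"], service))
                break  # NSG processing stops at the first matching rule
    return findings

# Constructed sample rules (not real data); keys follow `az network nsg show` output.
SAMPLE_RULES = [
    {"name": "deny-ssh", "priority": 100, "direction": "Inbound", "access": "Deny",
     "protocol": "Tcp", "sourceAddressPrefix": "*", "destinationPortRange": "22"},
    {"name": "allow-mgmt", "priority": 200, "direction": "Inbound", "access": "Allow",
     "protocol": "*", "sourceAddressPrefix": "Internet", "destinationPortRanges": ["22", "3000-4000"]},
    {"name": "allow-rdp-corp", "priority": 300, "direction": "Inbound", "access": "Allow",
     "protocol": "Tcp", "sourceAddressPrefix": "10.0.0.0/8", "destinationPortRange": "3389"},
]

if __name__ == "__main__":
    for name, service in exposed_mgmt_ports(SAMPLE_RULES):
        print(f"{service} open to the internet via rule {name}")
```

A finding only matters for a VM that also has a public IP address; once Bastion is in place, the flagged rules and the public IP can both be removed.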
