Introducing Bastion, Microsoft’s latest Azure service that’s now in public preview. The focal point of its design is to provide the option of remotely accessing your virtual machines in a manner that is safe and secure.
Bastion hosts, specifically, are one of the ways to make a stand against hacking attacks. These are special computers that are part of a network one wants to defend, and this is where Microsoft got the inspiration when naming the newest Azure service.
The recent entry on Microsoft’s official blog reveals additional details about the new service. Supposedly, this is a PaaS service that allows for RDP and SSH connectivity over SSH, so your virtual machines can stay safe without exposing their IP addresses. It was noted that the new service provisions directly in your Azure Virtual Network, so there is no need to worry about having to manage network security policies.
Before making this preview public, Microsoft claims to have been working with hundreds of customers. The participants were looking for a streamlined way to run, deploy, as well as scale bastion hosts within the Azure infrastructure.
If you want to initiate RDP and SSH sessions directly in the Azure portal, this is where Bastion comes in. The Microsoft Azure virtual machines require no public IP, meaning the infrastructure won’t be publicly exposed on the internet. Moreover, it offers a way to protect against external port scanning as well.