As most of you know, it’s possible to provide a virtual machine in Azure with a public IP address. This IP address can then be used to build a connection to, for example, RDP or SSH.
This way of connecting takes place over the Internet, which entails a great security risk. In many environments we see jumpbox or stepping stone servers, which are placed in the DMZ. These servers can be accessed from the Internet, and from these servers a connection can be made to a server or multiple servers on the internal network.
Such an arrangement is not safe, unmanageable and vulnerable. Azure Bastion is a great addition to facilitate a secure connection to a virtual machine in Azure. Azure Bastion integrates into the Azure portal, requiring multi-factor authentication. The virtual machines do not need to have a public IP address, so they are not accessible directly from the Internet.
Azure Bastion is a fully managed, autoscaling and hardened PaaS service, to provide you secure RDP and SSH connectivity. Het is eenvoudig te configureren in slechts een aantal stappen. Door gebruik te maken van virtueel netwerk peering, is het mogelijk om Azure Bastion eenvoudig toe te voegen aan een bestaande configuratie in Azure.
- Configure a new virtual network for Azure Bastion
- Create a new subnet named ‘AzureBastionSubnet’ required for Azure Bastion
- Configure virtual network peering to your other networks
- Create an Azure Bastion host
- Login in the VM through the Azure portal using Azure Bastion
- See the list of active sessions in the Azure Bastion Host properties
Now you can securely connect through Azure Bastion to a virtual machine running RDP or SSH. As you can see, the virtual machine I’m connecting to has no public IP address, only a internal IP address.
Just like every Microsoft Ignite, the book of news is announced! It is your digital guide to all the new announcements Microsoft is making, including all the details. It presents news about Microsoft Azure, Security, Microsoft 365, Power Platform and more.
Microsoft has releashed the Insider Preview of Windows Server 2022. There is not that much information available, but a few new features are: Microsoft Edge with the Chromium engine is installed by default, TLS 1.3 support, AES-256 encryption for SMB traffic and a realy great look!!
You can download Window Server 2022 insider preview here.
You can download the: ISO, VHDX, Microsoft Server Language Pack/Features on Demand and Windows Admin Center.
I already installed the new Insider Preview and here are some first pictures.
Do you want to know all the ins and outs about cloud computing. What is the cloud? What is Azure? What kind of functionalities and concepts are available within this cloud?
You’ll find all the answers in this great free ebook ‘Azure for Architecs’.
Download the free ebook here.
Microsoft Ignite 2012 wil be held on 2-4 March 2021. Just like last year, this event will be fully digital!!
I’m really looking forward to visit this digital event.
MyIgnite – Your home for Microsoft MyIgnite
During the Microsoft events, especially Microsoft Ignite, we’ all collect as much as possible swag. Like t-shirts, stickers and other things. During this online Microsoft Ignite event, we can’t collect some swag.
BUT….Microsoft has created a digital swag kit, including cool wallpapers, Teams background, social media stickers, your digital badge and even some great things for the kids.
You can download the digital swag kit here.
Yesterday, the biggest Microsoft event in the world has started, Microsoft Ignite 2020! This year, it’s completely digital and online!
If you’re not going to watch all the sessions, but you only want to know all the new announcements, start reading the ‘Book of news’. This document will give you an overview of all the new stuff. Happy reading!
Download the Book of news.
Azure Backup now has even greater support and functionality for Azure VM backups:
- Azure Backup is introducing restoring Unmanaged VMs/Disks as Managed VMs/Disks to provide the benefit of Managed disks for customers who are currently backing up their unmanaged disks.
For more details, please read our documentation
- Azure Backup now supports Replace existing disks as an option for VMs that have Managed Service Identities (MSI) Both User assigned Identities and System assigned Identities.
For more details, please read our documentation.
All the above features are generally available in all Azure regions.