New Training: Secure Azure Virtual Networks
In this 7-video skill, CBT Nuggets trainer Knox Hutchinson teaches you how to secure your Azure virtual networks. From the basics of network security groups to the deploying of Azure Bastion with a hosted Firewall appliance, this skill will introduce you to the concepts you need to secure your Azure IaaS networks. Watch this new Azure training.
Learn Azure with one of these courses:
This training includes:
35 minutes of training
You’ll learn these topics in this skill:
Securing Azure Virtual Networks
Network Security Group
Configuring and Verifying NSGs
Describing Azure Firewall
Implementing Azure Firewall
Summarizing Azure VNet Security
Ditch the SSH Security Risk with Azure Bastion
One of the core tenants of managing virtual machines in the cloud is setting up a secure SSH environment for those virtual machines to interact with them. Though using SSH tunnels to remotely log into cloud VMs is considered industry practice, the fact remains that you need to allow those SSH connections through your firewall. Likewise, depending on which client OS you are using, SSH can be a bit finicky. If your cloud environment is hosted within the Azure ecosystem, this is a good use case for Azure Bastion.
Azure Bastion is a web-based tool used to remotely access Azure-based VMs from within the Azure dashboard. It doesn't require an external IP to work. That means you don't need to poke a hole in your firewall for SSH or RDP tunnels. Yet, it still uses secure SSL connections to communicate with your VMs.
Azure Bastion is easy to configure yet fully customizable. Like your WAF, Bastion can be configured to work against your ACL groups and various subnets. It can also communicate across the entire Azure ecosystem, so there isn't a need to set up complicated routes.
Though Bastion is a great PaaS for managing your Azure environment, it does come with a cost. IT admins will need to understand the pros and cons of using Bastion before subscribing to it.