Just-in-time Access on Azure VMs

Azure Just-In-Time (JIT) Access is a security feature in Microsoft Defender for Cloud that helps protect Azure virtual machines (VMs) from unauthorized access. It does this by restricting inbound traffic on specific ports, ensuring VMs are only accessible when needed and for a limited time.

Just-In-Time works by configuring Network Security Group (NSG) and Azure Firewall rules to block all incoming traffic on designated ports. When access is required, users can request just-in-time access through the Azure portal or command-line interface (CLI). Microsoft Defender for Cloud then evaluates the request and, if approved, temporarily allows inbound traffic on the specified port for the selected duration. Once the time expires, the rule is automatically removed, restoring the VM's protection.

Enabling Microsoft Defender for Cloud

Step 1. Search for Microsoft Defender for Cloud in the global search bar and click it.

Microsoft Defender for Cloud

Step 2. Click the Subscription.

Azure Subscriptions

Step 3. Expand Azure and click the Subscription.

Environment settings

Step 4. Click Enable all plans, select the Plan, click Save, and then Save the Plan.

Enable all plans

Step 5. Check the status of the Server; it should be On.

Status of the server

Enabling JIT for Azure VM

Step 1. Select the Virtual Machine, click Configuration, and click Enable just-in-time.

Virtual machines

Step 2. After enabling just-in-time, click Open Microsoft Defender for Cloud.

Step 3. Select the VM and click Request Access.

Select VM and Request access

Step 4. Set the toggle for port 3389 to "On". In the Time range, assign the time frame during which the RDP session is allowed; after 2 hours, the session will be blocked. Add a description and click "Open Ports" to enable VM access.

Request access

Step 5. After enabling connection to the VM, we can check the configurations that have been applied.

Virtual machines
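
To check the applied configuration outside the portal, the following added example (not part of the original article) evaluates an NSG rule export and reports whether port 3389 is blocked or temporarily open, and to which source. The rule names, priorities and addresses are constructed sample data shaped like `az network nsg rule list` output, and source-specific deny rules are ignored as a simplifying assumption.

```python
import json

# Constructed sample shaped like `az network nsg rule list` JSON output.
# Rule names, priorities and the source address are assumptions for illustration.
BLOCKED = json.loads("""[
 {"name": "jit-deny-3389", "priority": 1000, "direction": "Inbound", "access": "Deny",
  "protocol": "*", "sourceAddressPrefix": "*", "destinationPortRange": "3389"},
 {"name": "allow-web", "priority": 1100, "direction": "Inbound", "access": "Allow",
  "protocol": "Tcp", "sourceAddressPrefix": "*", "destinationPortRanges": ["80", "443"]}
]""")
# During an approved request, an allow rule with a lower priority number
# (evaluated first) sits in front of the deny rule.
OPEN = BLOCKED + [
 {"name": "jit-allow-3389", "priority": 100, "direction": "Inbound", "access": "Allow",
  "protocol": "*", "sourceAddressPrefix": "203.0.113.10", "destinationPortRange": "3389"}]

def covers(rule, port):
    """True if the rule's port spec ('*', '3389' or '3000-4000') includes port."""
    specs = list(rule.get("destinationPortRanges") or [])
    if rule.get("destinationPortRange"):
        specs.append(rule["destinationPortRange"])
    for spec in specs:
        if spec == "*":
            return True
        lo, _, hi = spec.partition("-")
        if int(lo) <= port <= int(hi or lo):
            return True
    return False

def exposed_sources(rules, port, protocol="Tcp"):
    """Sources allowed to reach port, using NSG first-match-by-priority order."""
    hits = [r for r in rules if r["direction"] == "Inbound" and covers(r, port)
            and r["protocol"].lower() in ("*", protocol.lower())]
    sources = []
    for rule in sorted(hits, key=lambda r: r["priority"]):
        if rule["access"] == "Allow":
            sources.append(rule.get("sourceAddressPrefix", "?"))
        elif rule.get("sourceAddressPrefix") == "*":
            break  # deny-any shadows every later rule for this port
    return sources

def audit(rules, port=3389):
    """Classify the port as blocked, open to any source, or open to listed sources."""
    sources = exposed_sources(rules, port)
    if not sources:
        return "blocked"
    if "*" in sources or "Internet" in sources:
        return "open-to-any"
    return "open-to:" + ",".join(sources)
```

Running `audit` on a fresh export after the requested time range has passed should return "blocked" again; an "open-to-any" result on port 3389 points to a standing allow rule that JIT does not manage.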
