Microsoft Launches Azure Bastion Premium SKU with Advanced Security and Monitoring Features

Network Security

Key Takeaways:

  • The new Azure Bastion Premium SKU offers advanced monitoring, recording, and auditing capabilities, providing robust security for organizations with highly sensitive workloads.
  • The Premium SKU includes a Private Only Azure Bastion feature, allowing secure access to Azure virtual machines via a private endpoint.
  • Organizations can benefit from graphical session recording to help administrators detect anomalies and potential security breaches.

Microsoft has launched a new Premium SKU in public preview for its Azure Bastion service. This new offering is designed to deliver advanced monitoring, recording, and auditing capabilities tailored for organizations managing highly sensitive workloads.

Azure Bastion is a fully managed service that enables organizations to securely access Azure virtual machines (VMs) via a private Internet connection. It’s an agentless service that does not require any additional software for Remote Desktop Protocol (RDP) or Secure Shell Protocol (SSH). Azure Bastion is available in Developer, Basic, Standard, and Premium SKUs, catering to various functionality and cost requirements.

Microsoft emphasized that the new Azure Bastion Premium SKU offers several security features to protect sensitive organizational data. A new Private Only Azure Bastion feature allows customers to access their Azure VMs through a private endpoint. This capability eliminates the need to secure public IP addresses in enterprise environments.

Additionally, Azure Bastion Premium offers more recording and recording capabilities for organizations. The graphical session recording feature logs every VM session activity initiated through an Azure Bastion connection. Users will be able to access these recordings in the Azure Bastion resource blade. It should help to detect anomalies and unexpected behavior that could lead to data exfiltration and security breaches.

“Its mission is to offer enhanced security features that ensure customer virtual machines are connected securely and to monitor virtual machines for any anomalies that may arise. Our first set of features will focus on ensuring private connectivity and graphical recordings of virtual machines connected through Azure Bastion,” explained Aaron Tsang, Product Manager at Microsoft.

Microsoft Launches Azure Bastion Premium SKU with Advanced Security and Monitoring Features
Azure Bastion Premium (Image Credits: Microsoft)

Getting started with Azure Bastion Premium

To get started with Azure Bastion Premium, IT administrators will need to follow the steps mentioned below:

  • Head over to the Azure portal.
  • Manually configure and deploy Azure Bastion with the Premium SKU included.
  • Navigate to the “Configure IP Address” section and enable the Private Only Azure Bastion option.
  • Select the Advanced tab and select the session recording (Preview) option.

Overall, the launch of the Azure Bastion Premium SKU has been well-received by IT administrators. They value its easy deployment and enhanced security, which eliminates the need for public IP addresses and reduces the attack surface.

Microsoft plans to add more capabilities to Azure Bastion Premium later this year. If you’re interested, you can find more details about Azure Bastion SKUs on this support page.