Enable and enforce just-in-time VM access
Intermediate
Security Engineer
Microsoft Defender for Cloud
Azure Virtual Machines
Azure
Enable and configure just-in-time VM access in Microsoft Defender for Cloud to eliminate permanently open RDP and SSH ports. Configure per-port access policies, request time-bound access to VMs, audit access activity, and enforce JIT adoption across your VM estate using Azure Policy.
Learning objectives
After completing this module, you can:
- Examine how just-in-time VM access reduces the attack surface on management ports
- Enable JIT and configure per-port access policies on Azure VMs
- Request and approve JIT access and audit access activity
- Enforce JIT adoption across a VM estate using Azure Policy
Prerequisites
- Microsoft Defender for Servers Plan 2 enabled on the subscription
- Working knowledge of Azure Virtual Machines and network security groups
- Basic familiarity with Microsoft Defender for Cloud
Get started with Azure
Choose the Azure account that's right for you. Pay as you go or try Azure free for up to 30 days. Sign up.