BT

Facilitating the Spread of Knowledge and Innovation in Professional Software Development

Write for InfoQ

Topics

Choose your language

InfoQ Homepage News Microsoft Announces Public Preview of Bastion Standard SKU

Microsoft Announces Public Preview of Bastion Standard SKU

This item in japanese

Bookmarks

Azure Bastion is a fully-managed Platform as a Service (PaaS) solution providing customers a secure way to connect to a virtual machine using a browser and the Azure portal. Recently, the company announced the public preview of the second Stock Keeping-Unit (SKU) called Standard.

Microsoft first introduced Azure Bastion two years ago in preview as a secure remote desktop solution, which does not require organizations to expose virtual machines using public IP Addresses. Instead, the connectivity to virtual machines is provided through RDP and SSH over the Secure Sockets Layer (SSL) – the base functionality offered in the Basic SKU. Now, the company provides another SKU with Standard including premium features such as:

  • Manual scaling of the Virtual Machine (VM) instances, facilitating Bastion connectivity from 2 up to 50 instances to manage the number of concurrent SSH and RDP sessions Azure Bastion can support.
  • Support for IP-based connections – users can provide the IP address of the target VM/VMSS to allow Bastion to manage connectivity within the local/peered virtual network and on-premises and other cloud providers' networks. 
  • An Azure Bastion admin panel providing enabling/disabling features accessed by the Bastion host. Furthermore, users can upgrade from Basic to Standard SKU with the panel, configure access to IP-based connection, and manage VM manual scaling.

 
Source: https://docs.microsoft.com/en-us/azure/bastion/tutorial-create-host-portal

When configuring Azure Bastion, a Virtual Machine (VM) instance is created, which runs all the processes required for running the service. With Basic, the instances are limited to two, while with Standard, a user can manually change them up to 50. Furthermore, each instance can support 10-12 concurrent RDP/SSH connections depending on what actions users take when connecting to the client VM. And instances for Azure Bastion are created in a so-called AzureBastionSubnet - for scaling, the subnet size must be larger than 26 to allow scaling up to 50 instances (a smaller subnet space limits the number of scale units).


Source: https://docs.microsoft.com/en-us/learn/modules/connect-vm-with-azure-bastion/3-how-does-azure-bastion-work

Azure Bastion is a capability in the Cloud providing access to the internal network from an external network, like the internet. Other public cloud providers like AWS and Google also offer the same capabilities. AWS, for instance, has Amazon Appstream 2.0, a fully-managed non-persistent desktop and application virtualization service. In contrast, Google has Cloud Identity-Aware Proxy (IAP), which users need to set up per project.

Holger Mueller, principal analyst and vice president at Constellation Research Inc., told InfoQ:

The Cloud is attracting more traditional data center loads, which means opening up SSH and RDP channels to run workloads the same way as they were run on-premises. To tap into this potential, the cloud providers are shipping platforms to manage this, and today Microsoft, fittingly called Bastion, takes another step with the preview of the Standard SKU.

Pricing of Azure Bastion Standard starts at $0.29 an hour, and more details on prices are available on the pricing page. Furthermore, details of the service are available on the landing page.

Rate this Article

Adoption
Style

BT