HomeWinBuzzer NewsMicrosoft Expands Azure Bastion with New Premium SKU

Microsoft Expands Azure Bastion with New Premium SKU

Azure Bastion Premium is a new SKU that brings more features for providing security to cloud virtual machines.


has rolled out the public preview for Azure Bastion Premium, a new SKU aimed at increasing the security of virtual machines (VMs) within the Azure ecosystem. This offering targets organizations with high security and compliance needs by introducing advanced features.

Connecting Via Private Endpoints

The “Private Only” mode is one of the notable features of Azure Bastion Premium. This capability allows Azure VMs to be accessed through a private endpoint, thereby eliminating the necessity for a public IP address. This feature is highly beneficial for entities adhering to stringent security policies and seeking to minimize exposure to internet threats. Those connecting from an on-premises network can combine this feature with Azure ExpressRoute private peering, ensuring a secure connection.

Advanced Monitoring and Logging

In addition, Azure Bastion Premium brings in enhanced monitoring and logging features. A key feature is the “graphical session recording” which logs all VM session activities initiated via Azure Bastion. Organizations can choose where these recordings are stored and determine their retention period. It proves useful for identifying unusual user behaviors that could signal security issues. Recorded sessions can be examined to understand actions taken during potentially anomalous activities.

Accessing Azure VMs Securely

Bastion was initially announced for Azure in 2019. Azure Bastion allows users to securely access Azure VMs through the internet. This is done by initiating Remote Desktop Services (RDS) or Secure Shell (SSH) connections from the Azure Portal using an HTML5 web browser. The connection uses Secure Sockets Layer (SSL) to securely connect to the Azure Bastion service via Port 443, enabling access to an Azure VM using a private IP address.

Azure Bastion is a platform as a service (PaaS) that gives Microsoft's cloud customers access to RDP and SSH connectivity to VMs through the Secure Socket Layer (SSL). Khalidi says access is delivered without exposing data to public IPs.

Luke Jones
Luke Jones
Luke has been writing about all things tech for more than five years. He is following Microsoft closely to bring you the latest news about Windows, Office, Azure, Skype, HoloLens and all the rest of their products.

Recent News