Azure Bastion

Azure Bastion is a service offering that allows us to deploy and let us connect to a virtual machine using the browser and the Azure Portal, or via the native SSHSecure Shell or RDPRemote Desktop Protocol client already installed on our local computer. It provides a more secure and seamless RDP/SSH connectivity experience to our virtual machines directly from the Azure Portal over TLS (Transport Layer Security).

In an RDP connection, a virtual machine needs to configure a public IP that’s exposed to the world, and the client machine uses that IP and login credentials to connect to the virtual machine. However, when connecting via Azure Bastion, our virtual machines don’t require a public IP address, agent, or special client software. Using Azure Bastion helps protect our virtual machines from exposing their RDP/SSH ports to the outside world and provides secure access using RDP/SSH.

VPN

A virtual private network (VPN) enables a user’s device to establish a secure connection with a remote server or machine through a private network. This private network ensures that the information transmitted over the network is encoded and protected.

Additionally, a VPN verifies the identities of the individuals connected to the remote machine, making it harder for unauthorized users to gain access. It also employs measures to detect any attempts to alter the data being transmitted, making it possible to identify if the information has been tampered with.

Azure Bastion