JIT (just-in-time) on Azure VM

· What is JIT (just-in-time)

JIT is use to secure port of VM.JIT is feature of Microsoft Defender for Cloud. This defender is use for secure azure virtual machine. JIT mainly provide manage open port on VM like SSH, RDP. There open port is danger for VM because attacker always scan the internet for open ports like RDP or SSH. If you have a port open all the time on VM, it’s target for attack.

JIT is stop the malicious attack for VM access. JIT work specific time duration to open port for you need and automatically closed specific time duration has end.

The just-in-time option is available only for the standard security center tier, it is only enable for VMs.

Enable just-in-time access on VM

· Follow below steps.

Step 1: Select your virtual machine to enable Just-in-time access. Enter Configuration section and click “Enable Just-in-time” button.

Step 2: Enable Just-in-time click link showing below. Enter the Microsoft Defender for Cloud.

Step 3: Enter Not Configured section. Select JIT enabled VM and click “Enable JIT on 0 VMs” button for open a port

Step 4:   Add port you want need to open such as RDP. Select IP rang and set time to port will open till that time. Then Just-in-time will enable

Enable ports to JIT request access

· Follow below steps.

Step 1: Select virtual machine to enable ports like RDP, SSH.

Step 2: Enter configuration section in virtual machine.

Click link show below Image.

Step 3: Select JIT enabled VM and click “Request access” button for open RDP port.

Step 4: Set request access.

Ø Toggle > on.

Ø Allowed source IP > set IP Range.

Ø IP Range > Add source IPs to apply JIT.

Ø Time Range > set hours to open RDP port.

Ø Click “Open ports” button.