Azure Security Center provides several threat prevention mechanisms to help you reduce surface areas susceptible to attack. One of those mechanisms is Just-in-Time (JIT) VM Access. Today Microsoft announced the general availability of Just-in-Time VM Access, which reduces your exposure to network volumetric attacks by enabling you to deny persistent access while providing controlled access to VMs when needed.
When you enable JIT for your VMs, you can create a policy that determines the ports to be protected, how long ports remain open, and approved IP addresses from where these ports can be accessed. The policy helps you stay in control of what users can do when they request access. Requests are logged in the Azure Activity Log, so you can easily monitor and audit access. The policy will also help you quickly identify existing virtual machines that have JIT enabled and virtual machines where JIT is recommended.
This feature is available in the standard pricing tier of Security Center