Case Study: Azure Bastion Enables Secure On-Demand VM Access
Customer About
Founded in 2015, a leading technology corporation merged with AR/VR Research Group of one of the most prestigious research institute of Taiwan, Industrial Technology Research Institute (ITRI). After the merge, this corporation with a head count over 100 received fund by internationally recognized ventures and development funds including National Development Fund, Alibaba Entepreneurs Fund, Taya Venture, etc. Headquartered in Taiwan, with approximately 50 members, this corporation has branched in Silicon Valley of US, Europe, China, and Hongkong.
Their cutting-edge expertise in AR/VR content platforms leads to their global strategic partnership with Google, Intel, ARM, Microsoft, ASUS, etc. Services of this corporation includes AR/VR adaptation in the real estate, design, furnishing, e-commerce, and tourism industry, expanding their global market to 20+ countries in North America, Central America, Europe, Asia, and Middle East.
Challenge
This corporation’s technical employees frequently travel overseas to support their customers. Therefore, a secure easy-access network to their company’s resources such as virtual machines is crucial to their customer success objective. Their most recent approach is to connect to the company VPN/SSH for VM access, but this method is cumbersome to their employees.
Their VMs are split between various regions of VNet, which drastically increases the complexity of resource access. Other than the inconvenience of the current approach, this corporation has concern about the possible security breach during the pandemic. As more companies began to work at home, more attacks on company network is anticipated. Therefore, they deliver this difficulty to the Caloudi Migration team.
Choice of Cloud Migration- Microsoft Azure
Microsoft Azure is a smart, cost-effective public cloud that assists organizations to remain competitive and profitable. By adopting Microsoft Azure, organizations can optimize cost, speed up the delivery of solutions, and focus on higher impact work.
According to Microsoft research, organizations save up to 80% of their spending on Windows server and increase 25% in IT productivity using Microsoft Azure. In addition, organizations can enjoy scalable storage, stronger data security, task automation, and plenty of cloud services while utilizing Microsoft Azure to meet each company’s cloud usage demands.
Solution
We proposed Azure Bastion solution in order to tackle this global on-demand accessibility and security issue.
Our plan of approach involves the deployment of Bastion Resource in VNet and using RDP/SSH to connect to VM. Since Bastion Resource allow the use of entirely private company VM without the use of Public IP diminishes the possibility of successful cyber-attacks. This solution introduces simplicity, mobility, and automation to VM access. Members of this corporation can simply connect to VM through Azure Portal using any browser that supports HTML5.
A click on the “connect” button after selecting RDP/SSH connection option is all that is needed to access VM with minimal cost and secured connection. During times where VM connection is no longer needed, Bastion Resource can be cancelled effortlessly and re-deployed at ease using ARM template.