Azure Bastion Reviews

I'm using it for management. It's a management tool. It's like an RDP on HTML. I'm using it to manage virtual machines on Azure.

If you want to manage a server or a virtual machine, you use the remote desktop service to access it. It is on the browser itself. As we are managing Azure Bastion, we have virtual machines, so to access the virtual machines, to avoid having or publishing the RDP port, and to avoid the security breaches on the RDP port, we use the Azure Bastion, which is a managing service on Microsoft. 

As an Azure consultant, for me, it is the best way to give the administrator access as you can manage the permission - including who can access Bastion. 

It is using something called role-based access control, so you can control permission. The good thing with Bastion is its ability to avoid publishing the virtual machines on Azure using public IPs. You will also avoid attacks as most of the attacks on Azure virtual machines come from the remote desktop port. Therefore, with Azure Bastion you will have a Bastion host that will be secure, of course, as it's a gateway secured on HTTPS traffic. 

It's very easy to use as it's in the browser; it is on the menu of the virtual machine, so you just need to type your username and password and you will have a full RDP experience. 

It solves many, many, many, many issues for us.

It's like an RDP gateway. It will let you access the virtual machines and have a full RDP experience. It's not full, however, for example, you cannot copy content inside, due to the RDP not being on the browser. It's HTML-based, where you cannot copy, for example, the full RDP experience to copy data from your computer to the server. That is the only limitation on the Azure Bastion.

If we can copy content and drag and drop it on the HTML, this would be helpful.

There's something called UDR on Azure. We cannot apply, as, when you deploy Azure Bastion, the networking part of the Azure Bastion, it needs a separate subnet for it. When you create the Azure Bastion, you need the subnet, like a network range for this subnet. The issue with that is you cannot manage this subnet on a way to control the traffic and to route the traffic from Azure Bastion, for example, to your firewall. Each virtual network should have its own subnet. This is maybe the problem. It's the networking part and applying the routing table on it that is where the issue lies.

If they can make the Azure console, or the VM console, available on the Azure Bastion, so when you reboot the VM, you can still see what's happening during the reboot, maybe it will be better. You could even troubleshoot issues if you have boot issues on the virtual machine, which is not available in Azure Bastion, as Azure Bastion will just give you access when the VM restarts and when you have the login page of Windows. However, when the VM restarts, you will not have this visibility on what's happening on the reboot, and we face many issues in the boot.

When you have a boot issue on Windows, you cannot use Azure Bastion to fix it. You have to use the Azure console or the VM console, and it is very limited. To make Bastion the best product as a management tool or an RDP tool, it will be better to bring the features of the hypervisor, local hypervisor, Hyper-V console, to Azure Bastion. 

The solution is stable. There aren't issues with bugs or glitches. It doesn't crash or freeze. 

It's not a scalable product. It's a managed service, so you cannot do anything with this service, as this product is managed by Microsoft Azure. You cannot do anything, you just need to deploy it. Therefore, there is no way to make it scalable.

We have many customers using the product. the whole government uses it. 

I've never used technical support for this product. At one point I might have contacted them as a service request to ask about something on the networking of Azure Bastion, however, that's about it.

We did not previously use a different product.

The solution is easy to set up. You need to create a subnet for it and then you just create the Azure host and then you can manage the permission. It's easy. It's very easy to use, to deploy it, and to use it.

Deployment takes maybe around one minute to maybe five minutes. It just takes one person to deploy.

We don't need to worry about maintenance as Microsoft handles it. It's a cloud product.

The solution is a platform as a service.

I don't have any visibility on the pricing. It's not an aspect I handle. 

We're Microsoft partners.

I'm not working as an administrator. I'm a consultant working with the IT company that is delivering Azure to our customers. I'm deploying Azure Bastion for the customers. I even give some knowledge transfer to the customer, the Azure administrator, to manage their virtual machine using Azure Bastion.

If you have an Azure virtual machine, you have to use the Azure Bastion. We force the customers to use it and avoid mapping public IPs on the VMs.

I'd rate the solution at a seven out of ten.

We have implemented it in one of our ITITS firms. We use it simply for IT management and optimization. We use it to connect virtual machines.

The solution acts as a dedicated server and we have implemented multiple software. Users can easily access everything from there. It's a cost-effective solution as we don't want to purchase any servers. Everything's on the cloud. That is the main advantage for the company.

The connection to virtual machines is very useful. We can connect and implement multiple software within a single platform.

This is a cloud-based solution. When we are dumping data into the cloud, it's free of cost. When we retrieve that data from the cloud, they require some amount of money. That is the main drawback of this cloud solution. You are charged for retrieving your own data.

I've been using the solution since 2018. It's been about three years.

The solution is very stable. It's a Microsoft product. They do a lot of R&D. 

The solution is scalable. 

The number of users depends on the licensing arrangement. 

At this time, the solution is used extensively in our company. We do plan to increase usage and add more licenses. 

Technical support is good. They have a lot of patience. They have technical assistance in different territories as well. 

The initial setup is easy and we can configure it very well in a straightforward manner. In a single user, we can implement and configure everything in ten to 15 minutes. 

You only need one or two people to maintain the solution if you have under 500 users. 

We handle the setup with our own team.

In terms of licensing, you can get a minimum number of 10 users in a license. We can upgrade to 100or more. If we purchase a 200 license, that covers 200 users. The licenses are based on the number of users.

The solution is not expensive; when we retrieve the data, however, they will charge per MB. You also need a license to work with the product itself.

We are Microsoft partners.

I'd advise users to consider the solution. As a cloud product, physical servers are not required. It's very convenient that I can use it from my desktop or laptop. there is no dedicated device needed. The only thing that is required is an internet connection.

I'd rate the solution at a nine out of ten.