We're transitioning from a hybrid setup to fully embracing the cloud. Our servers are already synced to an on-premises Active Directory. I set up an Entra-ID joined VM with Entra-ID authentication, and it works well for a few accounts. I'm looking for advice on the best methods for our remote team to connect to the VM and access the necessary applications. Should I assign a public IP with a Network Security Group (NSG) to allow RDP traffic only from our VPN address range? Would utilizing the new Entra Private Access feature be beneficial? Or is it better to implement a VPN gateway and establish a Point-to-Site (P2S) connection? I've come across documentation suggesting that a load balancer is necessary to secure traffic over a public IP. There seem to be many options out there! We have three departments needing access to private resources online. IT can just use Azure Bastion as a solution. Any suggestions?
1 Answer
Bastion is your go-to if an admin needs server access. For desktop users, Azure Virtual Desktop (AVD) is the better option since it has its own gateway and doesn't require public IPs.
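For the first option raised in the question (a public IP with an NSG that allows RDP only from the VPN range), a check like the following confirms that no inbound Allow rule reaches port 3389 from outside that range. This is an added example, not part of the original question or answer; the sample rules are constructed, `203.0.113.0/28` is a placeholder for the VPN range, and the field names assume the JSON printed by `az network nsg rule list -o json`.

```python
import ipaddress
import json

# Constructed sample, shaped like `az network nsg rule list -o json` output.
SAMPLE_RULES = json.loads("""[
 {"name": "rdp-from-vpn", "direction": "Inbound", "access": "Allow", "protocol": "Tcp",
  "sourceAddressPrefix": "203.0.113.0/28", "destinationPortRange": "3389"},
 {"name": "rdp-any", "direction": "Inbound", "access": "Allow", "protocol": "Tcp",
  "sourceAddressPrefix": "*", "destinationPortRange": "3389"},
 {"name": "mgmt-range", "direction": "Inbound", "access": "Allow", "protocol": "*",
  "sourceAddressPrefixes": ["203.0.113.0/28", "198.51.100.0/24"],
  "destinationPortRanges": ["3380-3400", "443"]},
 {"name": "deny-rdp", "direction": "Inbound", "access": "Deny", "protocol": "Tcp",
  "sourceAddressPrefix": "*", "destinationPortRange": "3389"}
]""")

def _values(rule, single, plural):
    """Merge the singular and plural form of an NSG rule field into one list."""
    return [v for v in [rule.get(single)] + (rule.get(plural) or []) if v]

def port_matches(spec, port):
    """NSG port specs are '*', a single port, or 'low-high'."""
    if spec == "*":
        return True
    low, _, high = spec.partition("-")
    return int(low) <= port <= int(high or low)

def source_within(prefix, allowed):
    """True only when prefix is an IP/CIDR fully inside an allowed network."""
    try:
        net = ipaddress.ip_network(prefix, strict=False)
    except ValueError:
        return False  # '*', 'Internet' and other service tags are not provably inside
    return any(net.version == a.version and net.subnet_of(a) for a in allowed)

def exposed_rdp_rules(rules, allowed_cidrs, port=3389):
    """Return (rule name, offending sources) for inbound Allow rules reaching `port`
    from anywhere outside allowed_cidrs. Rule priority is not evaluated."""
    allowed = [ipaddress.ip_network(c) for c in allowed_cidrs]
    findings = []
    for rule in rules:
        if rule.get("direction") != "Inbound" or rule.get("access") != "Allow":
            continue
        if (rule.get("protocol") or "").lower() not in ("tcp", "udp", "*"):
            continue
        ports = _values(rule, "destinationPortRange", "destinationPortRanges")
        if not any(port_matches(p, port) for p in ports):
            continue
        bad = [s for s in _values(rule, "sourceAddressPrefix", "sourceAddressPrefixes")
               if not source_within(s, allowed)]
        if bad:
            findings.append((rule["name"], bad))
    return findings
```

Because priority ordering is ignored, a finding means the rule needs review, not that traffic is necessarily reaching the VM.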