How to reduce Bruce Force attacks in Azure VMs

Commonly brute force attacks target management ports like 22, 3389… as a means to gain access to Compute VMs, meaning that an attacker can take control of the VM and establish a foothold into your environment.

In order to prevent those attacks, we can configure what is called Just In Time in our VM’s.

JIT is a mechanism that allows to open ports only for a couple of hours, so ports do not need to be open at all times. JIT policies allows to determine which ports has to be protected, how long ports remain open, and approved IP addresses from where thes ports can be accessed.

Also, all the requests are logged into Azure Activity Logs, so is it possible to easily monitor and audit access.

The only thing that you will need to do is to configure the JIT in the VM easily:


Once configured, you can configure all the policies from Azure Security Center


Just-in-Time VM Access reduces your surface area exposed to RDP/SSH brute-force attack. This feature is available in the standard pricing tier of Azure Security Center, and you can try Security Center for free for the first 60 days. Go and try it out!


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s