Page History

1. Login to your Azure subscription
   
   
2. In top left (Portal menu), select Security Center Microsoft Defender for Cloud

        If Security Center Microsoft Defender for Cloud is not there, select All services and select from there  Image Removedthere  Image Added

Note:In previous version of Azure this Portal menu is already docked and Portal menu (3 bars) is not available)

Image AddedImage Removed

3. In Security Center, Click on Azure Defender boxMicrosoft Defender for Cloud, click on the Workload Protections:

Image Added

4. Then, click on Just Just in time VM at the bottom of the screenAccess

Note: all subscription VMs should be listed on main (right-side) menu

5. Check VM(s) needed access and click on Request access (on right – top of the VMs list)

6. On the Toggle column, click On server (Port 3389)

Note: the following steps assume that the access is given to user(s) for the internal (private) IP address or subnet ranges

7. Enter IP addresses or subnet ranges and click Open ports (bottom right)

8. Few seconds later these VMs servers will be available for RDP

Explanation of IP ranges column:
It is not typically set this way, but for the purpose of (IP Range) usage, here is what allowed. You can have more than two entries per line separated by comma (","):
1 – Multiple different subnets
2 – Specific IP addresses
3 – Allows 6 IP addresses starting at .98. Entire (all 254 hosts) of different subnet.

Explanation of Time range (hours) Column:
Again, it is not typically set this way, but for the purpose of (Time range) usage
4 – Default range – this port will be open for the next 12 hours
5 – Open for next 6 hours only
6 – Open for next 8 hours only