Managed Services 1.0

Space shortcuts

Page tree

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 31 Current »

Overview

Kodak uses Microsoft Defender for Cloud's just-in-time (JIT) access to protect your Azure virtual machines (VMs) from unauthorized network access. JIT lets you control access to your VMs when the access is needed, on the specific ports needed, and for the period of time you specify.

Please open a support call with Kodak if you need assistance with configuring JIT. Instructions are available on the Partner Place website (partnerplace.kodak.com). Authenticated customers can log in and find the instructions by searching for answer ID 76119.

Configuration

  1. Login to your Azure subscription

  2. In top left (Portal menu), select Microsoft Defender for Cloud

        If Microsoft Defender for Cloud is not there, select All services and select from there.


Note: In previous version of Azure this Portal menu is already docked and Portal menu (3 bars) is not available)




3. In Microsoft Defender for Cloud, click on the Workload Protections:

4. Then, click on Just in time VM Access

Note: all subscription VMs should be listed on main (right-side) menu

5. Check VM(s) needed access and click on Request access (on right – top of the VMs list)


6. On the Toggle column, click On server (Port 3389)

Note: the following steps assume that the access is given to user(s) for the internal (private) IP address or subnet ranges

7. Use My IP for Allow Source IP and click Open ports (bottom right)


8. Few seconds later these VMs servers will be available for RDP. Navigate to the VM, click connect – RDP and download the RDP file

9. Double-click the downloaded RDP file and enter credentials to connect.


Explanation of IP ranges column:
It is not typically set this way, but for the purpose of (IP Range) usage, here is what allowed. You can have more than two entries per line separated by comma (","):
1 – Multiple different subnets
2 – Specific IP addresses
3 Allows 6 IP addresses starting at .98. Entire (all 254 hosts) of different subnet.

Explanation of Time range (hours) Column:
Again, it is not typically set this way, but for the purpose of (Time range) usage
4 – Default range – this port will be open for the next 12 hours
5 – Open for next 6 hours only
6 – Open for next 8 hours only

  • No labels