Member-only story
Why You Should Use Bastion Host for Secured Server Access? A Guide of Using Guacamole for Home Server or Cloud Environment
Servers are often accessed remotely, with RDP for Windows, SSH, or VNC for Linux environments. Rule number one when we deploy virtual machines is not exposing our virtual machine publicly, a common mistake that administrators make during initial setup for convenience. The main reason is that it exposes our virtual machines to the public, which allows hackers to perform port scanning, and brute force attacks and gain access to the VM. Cracking a password is no longer a difficult activity, with the rise of powerful hardware.
So how do we access the servers securely?
Option 1: VPN
The first option is to use VPN, where we provision a VPN Gateway in an on-premises server or the cloud environment. Administrators can then establish a secured point-to-site VPN connection, and RDP/SSH into the VMs. The VMs don’t need to expose public IP address, and admin can access the servers via their private IPs after establishing VPN connection.
The upside is that the admin can use the public internet securely to access the servers, but the downside is that we need additional setup such as VPN profiles, and VPN Gateway and the network bandwidth will…
