Azure Bastion is a fully managed service that provides secure and seamless Remote Desktop Protocol (RDP) and Secure Shell Protocol (SSH) access to virtual machines (VMs) within an Azure virtual network. It is a platform-managed PaaS service that you provision inside your virtual network, and it provides RDP/SSH connectivity to your VMs directly over TLS from the Azure portal or via native client. When you connect via Azure Bastion, your VMs dont need a public IP address, agent, or special client software.

Some key features of Azure Bastion include:

• Secure Access: Azure Bastion provides secure RDP and SSH connectivity to all of the VMs in the virtual network in which it is provisioned. Using Azure Bastion protects your VMs from exposing RDP/SSH ports to the outside world, while still providing secure access using RDP/SSH.

• Cost-Effective: Using Azure Bastion is more cost-effective than manually deploying your own jump box. Its charged on a fixed per-hour basis, plus charges for outbound data transfers.

• Managed Service: Azure Bastion is a fully managed platform PaaS service from Azure that is hardened internally to provide you secure RDP/SSH connectivity.

Azure Bastion can be useful for remote work scenarios by allowing users with internet connectivity to access Azure VMs. It enables IT administrators to manage their applications running on Azure at any time and from anywhere around the globe. Azure Bastion is deployed per virtual network, and companies can configure and manage one Azure Bastion to quickly support remote user access to VMs within an Azure virtual network.

Azure Bastion pricing is a combination of hourly pricing based on SKU and instances (scale units), plus data transfer rates.