---
names:
  full: Azure Subscription Bastion Host does not exist
  contextual: Bastion Host does not exist
description: "The Azure Bastion service allows secure remote access to Azure Virtual\
  \ Machines over the Internet without exposing remote access   protocol ports and\
  \ services directly to the Internet. The Azure Bastion service provides this access\
  \ using TLS over 443/TCP, and subscribes to hardened configurations within an organization's\
  \ Azure Active Directory service."
type: COMPLIANCE_POLICY
categories:
  - SECURITY
frameworkMappings:
  - "/frameworks/cis-azure-v5.0.0/08/04/01"
  - "/frameworks/cloudaware/resource-security/network-exposure"
similarPolicies:
  cloudConformity:
    - url: https://www.trendmicro.com/cloudoneconformity/knowledge-base/azure/Network/bastion-host-exists.html
      name: Bastion Host in Use