Open Access dashboards in Azure

Dashboard Server
,
1

Hi. We are deploying and hosting SquaredUp (for Azure) in Azure, and it’s working. However, I’ve found Open Access is really open to the entire internet, with security being a unique url (security by obscurity). And no way to limit it to “authenticated users”.

With on-prem hosting access to the physical network is limited, so this issue isn’t really an issue.

I’m keen for advice and thoughts how to resolve this.

Solutions :

#1 - Host on-prem - Unfortunately we are moving everything to cloud.

#2 - Limit VNET to our office IP’s - That would work, although due to COVID our we are scatted across different towns working from home (and many have dynamic IP’s).

#3 - Limit access to a Jumphost in Azure. it’s a viable solution, but expensive and not a great experience to look at dashboards.

#4 - alter the IIS settings not to allow anonymous access. best idea so far, but no idea what to alter.

#5 - licence all users - we have a lot of users who just need to see a non-interactive board, then licensing each one can be an overkill.

 

I see this see thread Restricting Open Access to AD Groups. , but it doesn’t really offer a solution in this case.

Any thoughts or ideas appreciated :slight_smile:

2

Bringing the VM inside a vnet (non-public) and then sharing SquaredUp using Azure Application Proxy is a viable solution. You’re then adding auth to OA via Azure AD. Costs next to nothing too.

1 Like
3

Ooh thanks for the awesome suggestion ! I’ll look into it. This might be the perfect we need :slight_smile:

4

Hi. I’ve implemented the App Proxy. A few teething problems, but it’s all go. Works well and Open Access is now secured. Thanks@Jelly for the suggestion!