Open Access dashboards in Azure

Hi. We are deploying and hosting SquaredUp (for Azure) in Azure, and it’s working. However, I’ve found Open Access is really open to the entire internet, with security being a unique url (security by obscurity). And no way to limit it to “authenticated users”.

With on-prem hosting access to the physical network is limited, so this issue isn’t really an issue.

I’m keen for advice and thoughts how to resolve this.

Solutions :

#1 - Host on-prem - Unfortunately we are moving everything to cloud.

#2 - Limit VNET to our office IP’s - That would work, although due to COVID our we are scatted across different towns working from home (and many have dynamic IP’s).

#3 - Limit access to a Jumphost in Azure. it’s a viable solution, but expensive and not a great experience to look at dashboards.

#4 - alter the IIS settings not to allow anonymous access. best idea so far, but no idea what to alter.

#5 - licence all users - we have a lot of users who just need to see a non-interactive board, then licensing each one can be an overkill.

 

I see this see thread Restricting Open Access to AD Groups. , but it doesn’t really offer a solution in this case.

Any thoughts or ideas appreciated :slight_smile:

Bringing the VM inside a vnet (non-public) and then sharing SquaredUp using Azure Application Proxy is a viable solution. You’re then adding auth to OA via Azure AD. Costs next to nothing too.

1 Like

Ooh thanks for the awesome suggestion ! I’ll look into it. This might be the perfect we need :slight_smile:

Hi. I’ve implemented the App Proxy. A few teething problems, but it’s all go. Works well and Open Access is now secured. Thanks@Jelly for the suggestion!