They are currently using bastions and followed this documentation where it says that Bastion is recommended:
https://learn.microsoft.com/en-us/dynamics365/fin-ops-core/dev-itpro/dev-tools/secure-developer-vm
However, there is other documentation that makes the contradictory statement that Bastion is not supported:
Deploy and access development environments - Finance & Operations | Dynamics 365 | Microsoft Learn
Questions that they have are:
- Can we join the VM to the customer’s domain or not? Will it cause issues if we do so?
- How many developers should be the maximum to use one VM?
- What ports inbound and outbound should be open as a minimum to make sure that developers can still do their Dynamics work but that it is secured connectivity-wise?
- The Storage Account is also publicly accessible. Can we close that connection so that the VM can access the SA via the VNET, or will that cause issues?
- Overall, what security best practices should we also activate to secure the environment more?