Skip to main content
Dynamics 365 Community / Forums / Finance forum / securing CHE VM using ...
Finance forum
Unanswered

securing CHE VM using bastion

editSubscribe (0) ShareShare
ReportReport
Posted on by
Hi
 
One if our customers are looking for some information regarding securing the CHE and blocking ports that are not required.

They are currently using bastions and followed this documentation where it says that Bastion is recommended:
https://learn.microsoft.com/en-us/dynamics365/fin-ops-core/dev-itpro/dev-tools/secure-developer-vm

However, there is another documentation which says the contradictory statements as in Bastion is not supported :
Deploy and access development environments - Finance & Operations | Dynamics 365 | Microsoft Learn

Questions that they have are:
  • Can we join the VM to the customer’s domain or not? Will it cause issues if we do so?
  • How many developers should be the maximum to use one VM?
  • What ports inbound and outbound should be open as a minimum to make sure that developers can still do their Dynamics work but that it is secured connectivity-wise?
  • The Storage Account is also publicly accessible, can we close that connection so that the VM can access the SA via the VNET or will cause that issues?
  • Overall, what security best practices should be also activate the secure the environment more?
Any insight or customer example will be very helpful on this.
  • Martin Dráb Profile Picture
    Martin Dráb 222,585 Super User on at
    securing CHE VM using bastion
    The first link says that you "can consider using Azure Bastion"; which is exactly the same thing as "is recommended". The second one says that the Dynamics team won't give you support for setting up Bastion, which doesn't mean that you can't use it.
     
    I'm on a project where Bastion is used for CHE, but it's not managed by myself.
     
    The answer to "How many developers should be the maximum to use one VM?" is one. Two developers can't develop in the same environment at once.
     
    Configure Azure Bastion for Dynamics 365 F&O VMs will answer some of your other questions.

Helpful resources

Quick Links

What Motivates a Super User?

We know many of you visit the Dynamics 365 Community and Power Platform…

Demystifying Copilot with Georg Glantschnig…

Industry experts answer burning questions directly from our amazing Community…

Setting Up Knowledge Sources for Copilot…

Look at how configuring a comprehensive knowledge base is crucial…

Leaderboard

#1
Andre Arnaud de Calavon Profile Picture

Andre Arnaud de Cal... 283,066 Super User

#2
Martin Dráb Profile Picture

Martin Dráb 222,585 Super User

#3
nmaenpaa Profile Picture

nmaenpaa 101,138

Product updates

Dynamics 365 release plans