Posts

Showing posts from April, 2020

Auto-add NSG rules

We use the built-in Windows VPN client to provide access to legacy applications that don't meet the security or usability requirements to be exposed to the internet. One of those applications just didn't work well over a VPN for various reasons but worked great over the internet. The application's network traffic was encrypted, but the authentication was only username/password, so just publishing it on the internet wasn't a good enough solution.

Allowing access to the resource over the internet from a specific IP address would meet the security requirements of the application, but keeping up with manually adding everyone's home IP address to the Azure Network Security Group (NSG) would be impossible. My solution in this case was to use a combination of the following resources to automate the process of adding a user's IP address to the NSG on a temporary basis:

- Microsoft Power Automation (Flow)
- Azure Automation Accounts
- PowerShell
- Microsoft Graph API
- Si