Deploy the Secure Remote Access Appliance into a Microsoft Azure Environment

For administrators who wish to deploy the BeyondTrust Virtual Appliance into their Microsoft Azure environment, follow the steps below.

You must have a Microsoft Azure account and environment already configured. Also, you must install the Azure PowerShell Module on your machine, which may require a PowerShell upgrade. For more information about installing and configuring the Azure PowerShell Module, please see Install and configure Azure PowerShell .

BeyondTrust does not currently support using managed disks via the deploy script for Remote Support or Privileged Remote Access on Azure.

A BeyondTrust email listing the links needed for virtual appliances.

  1. Open the email you received from BeyondTrust Technical Support and select the Click Here for your BeyondTrust Virtual Appliance (Azure) for ERS link to download the BomgarERS_azure.exe file.

    The BeyondTrustERS_azure.exe file downloading within a browser.

  3. Click BomgarERS_azure.exe within your browser to begin installation.

    A security warning prompt asking if you are sure you want to run the azure executable file.

  5. If you receive a Security Warning prompt, click Run.


    An editable prompt where you can indicate where you would like to extract the azure file to on your local machine.

  7. Choose where you wish the files to be extracted to on your desktop. Click Extract.

    A prompt with a blue progress bar showing how extraction is progressing.

  9. Wait for the files to extract. You can review the Elapsed Time, Remaining Time, and blue progress bar to see how extraction is progressing.

    Dialog showing the extracted Azure files, including the .exe file, PowerShell script, and .vhd file.

  11. When extraction is complete, the BomgarERS_azure.exe, Deploy_AzureBomgarVM.ps1, and Bomgar-br.v.2.vhd files appear in the location you designated during the extraction process. Right-click on the Deploy_AzureBomgarVM.ps1 PowerShell script and click Edit.
  12. The PowerShell Script completed with variables from an Azure environement.

  13. Once the PowerShell script opens, locate STEP 1 and modify the following variables based on the specifics of your Microsoft Azure environment:
    • Resource Group Name
    • Storage Account Name
    • Location (e.g., westus)
    • vnet Name
    • subnet Name

The vmName does not need to be changed.


    The PowerShell script lists different options for Azure environment sizing and allows you to comment in the size you desire.

  1. Locate STEP 2. Uncomment the desired deployment size of your appliance. The options are:
    • Small
    • Medium
    • Large


    The PowerShell prompt showing the Azure Deploymnet PowerShellscript being accessed.

  2. Save and run the script in Windows PowerShell.

    The login prompt for Microsoft Azure.

  4. When prompted, enter your credentials and sign into your Microsoft Azure account.

    PowerShell showing the message that the Azure Modules have been found.

  6. In Windows PowerShell, you should receive a message stating AzureRM Modules found. You can also choose to assist Microsoft Azure in data collection at this time.

    Message in PowerShell indicating the MD5 hash is being calculated.

  8. Next, the system configures an MD5 hash, uploads the appliance into your Azure environment, and configures a public IP address for your BeyondTrust Virtual Appliance.
  9. Message in PowerShell indicating the appliance is being uploaded into Azure.


    The PowerShell window indicating the IP address for the Appliance.

  10. You are then prompted to go to the IP address configured for your appliance. The message reads For Appliance, administration, go to

    The BeyondTrust section allowing you to enter your Appliance License Key to register your appliance.

  12. On the /appliance page, enter your Appliance License Key provided in the email from BeyondTrust Technical Support. Click Save.
  13. To setup a persistent URL for your appliance, you can perform one of two options:
    • In the Azure console, set the appliance's external IP to Static. Then assign your DNS entry to that external IP.
    • Or, apply a DNS name within Azure. Set a CNAME record pointed to that address.

No further network or console configuration is needed for Azure-based appliances. Please continue to Register and Update the BeyondTrust Virtual Appliance