Azure_SQLServers_11

Ensure entire Azure infrastructure doesn't have access to Azure SQL Server

Description

Azure connections must be enabled to allow applications from Azure to connect to your Azure SQL server. When an application from Azure attempts to connect to your database server, the firewall verifies that Azure connections are allowed. A firewall setting with starting and ending address equal to 0.0.0.0 allows these connections. This option configures the firewall to allow all connections from Azure, including connections from the subscriptions of other customers. Make sure to use firewall VNet rules instead.

Remediation

Perform the following in the Azure Console:

  1. Go to SQL Servers
  2. For each SQL Server
  3. Select Firewalls and virtual networks
  4. Set the ‘Allow access to Azure services’ to OFF
  5. Press the Add existing virtual network or the Create new virtual network to allow access from

Default Values:
By default, ‘Allow access to Azure services’ is set to ON and no VNet rules are set.
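
The check described above can be run over exported rule listings. The following is an added example, not part of the original rule page or of any scanner's code: the inventory layout, server names and rule names are constructed, and the rule objects assume the `startIpAddress`/`endIpAddress` fields of `az sql server firewall-rule list` JSON output. It matches on the 0.0.0.0 addresses rather than on the rule name, so a renamed rule is still caught.

```python
import ipaddress
import json

# Constructed inventory (hypothetical layout): server name -> rule listings.
# Rule objects use the startIpAddress/endIpAddress fields found in
# `az sql server firewall-rule list` JSON output.
INVENTORY = json.loads("""
{
  "sql-prod-01": {"firewall_rules": [
      {"name": "AllowAllWindowsAzureIps", "startIpAddress": "0.0.0.0", "endIpAddress": "0.0.0.0"},
      {"name": "office", "startIpAddress": "203.0.113.10", "endIpAddress": "203.0.113.10"}],
    "vnet_rules": []},
  "sql-prod-02": {"firewall_rules": [
      {"name": "legacy-app", "startIpAddress": "0.0.0.0", "endIpAddress": "0.0.0.0"}],
    "vnet_rules": [{"name": "app-subnet"}]},
  "sql-prod-03": {"firewall_rules": [
      {"name": "office", "startIpAddress": "203.0.113.10", "endIpAddress": "203.0.113.10"}],
    "vnet_rules": [{"name": "app-subnet"}]}
}
""")

ZERO = ipaddress.ip_address("0.0.0.0")

def allows_all_azure(rule):
    """True when start and end are both 0.0.0.0, whatever the rule is named."""
    try:
        start = ipaddress.ip_address(rule["startIpAddress"])
        end = ipaddress.ip_address(rule["endIpAddress"])
    except (KeyError, TypeError, ValueError):
        return False  # malformed entry: not the Azure-wide rule
    return start == ZERO and end == ZERO

def audit_server(name, firewall_rules, vnet_rules):
    """Report the rules that open the server to all of Azure, plus VNet rule presence."""
    offending = [r.get("name", "<unnamed>") for r in firewall_rules if allows_all_azure(r)]
    return {"server": name, "compliant": not offending,
            "offending_rules": offending, "has_vnet_rules": bool(vnet_rules)}

def audit(inventory):
    return [audit_server(n, s.get("firewall_rules", []), s.get("vnet_rules", []))
            for n, s in sorted(inventory.items())]

if __name__ == "__main__":
    for result in audit(INVENTORY):
        status = "PASS" if result["compliant"] else "FAIL"
        print(status, result["server"], result["offending_rules"],
              "vnet rules present" if result["has_vnet_rules"] else "no vnet rules")
```

A server that fails with no VNet rules present needs the replacement VNet rule in place before the 0.0.0.0 rule is removed, otherwise Azure-hosted applications lose connectivity.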

Service

Database Services

Severity

High

Compliance

Mapping
