locked
SQL Server Secure Access from Azure Data Factory RRS feed

  • Question

  • We have an on-premise instance of SQL Server and we need to access some data from this server through Azure Data Factory (ADF). Since ADF can connect through a large set of IP addresses, there is no way to specify IP based firewall rules on the system where SQL Server is installed. So right now, the system is exposed to the internet.

    What would be the best security architecture in this scenario?

    I understand that a VPN can be set up but that solution is little too complex for us right now. Any other solution besides this?

    Thank you


    Sohi


    • Edited by Sohi420 Friday, April 26, 2019 7:53 PM
    Friday, April 26, 2019 7:52 PM

Answers

All replies

  • Hi Sohi420,

     

    >>Since ADF can connect through a large set of IP addresses, there is no way to specify IP based firewall rules on the system where SQL Server is installed.

     

    According to your description, my understanding is that you can not use firewalls to secure sql server access. If anything is misunderstood, please tell me.

     

    Based on my experience,  it is necessary to secure sql server access by firewalls. For more details, please refer to https://docs.microsoft.com/en-us/sql/database-engine/configure-windows/configure-a-windows-firewall-for-database-engine-access?view=sql-server-2017

     

    Hope this could help you .

    Best regards,

    Dedmon Dai


    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com

    Monday, April 29, 2019 6:28 AM
  • I solved this by making use of Self-hosted integration runtime on our on-premise network where SQL Server is installed, and linked that integration runtime in the Azure data factory to get access.

    Here is the link which describes how to set up the self-hosted integration runtime:
    https://docs.microsoft.com/en-us/azure/data-factory/create-self-hosted-integration-runtime


    Sohi

    • Marked as answer by Sohi420 Wednesday, June 26, 2019 1:55 AM
    Wednesday, June 26, 2019 1:55 AM