none
Azure SQL Data Sync between On-Premise SQL Server and Azure DB requires VPN? RRS feed

  • Question

  • Is VPN only way to make connection very secure? SQL Server On-premise is inside corporate network.

    Kenny_I

    Monday, June 17, 2019 9:39 AM

All replies

  • Is VPN only way to make connection very secure? SQL Server On-premise is inside corporate network.

    Kenny_I

    Good day Kenny,

    the meaning of "very secure" is very subjective. What considered as "very secure" for one case can be considered as "Not secure enough" for another case. Therefore, your question cannot be answered as it is😃

    virtual private network considered as one of the most important security options for public use since it basically the way to extends a private network across a public network. Is this the only way to secure your connection?!? absolutely no. Using secure connection (like SSL) for example is another security feature.

    >> "Azure SQL Data Sync between On-Premise SQL Server and Azure DB requires VPN?"

    No. VPN is not required in order to connect to Azure SQL Database, and it is not even a common case as much as I know. Most people use Data Sync without VPN. It is one of the common solution to use Azure Managed Instance.


    signature   Ronen Ariely
     [Personal Site]    [Blog]    [Facebook]    [Linkedin]


    Monday, June 17, 2019 11:13 AM
    Moderator
  • As Ronen has pointed out, this can be subjective. The most secure connection you can make between on-premise and Azure is via ExpressRoute and VPN

    "ExpressRoute lets you extend your on-premises networks into the Microsoft cloud over a private connection facilitated by a connectivity provider. With ExpressRoute, you can establish connections to Microsoft cloud services, such as Microsoft Azure, Office 365, and Dynamics 365."

    ExpressRoute gives you a dedicated circuit between your Azure Virtual Network(s) and your on-premise infrastructure. Without this service, the VPN would encrypt communications over internet traffic. ExpressRoute + VPN gives you encrypted tunneling over a dedicated circuit and with the correct connection string (based upon services being used), that can also be encrypted for three layers of security. This gives you the ability to use your own networking vendors to extend the trust to Azure. 

    Please let us know if you have additional questions.


    Tuesday, June 18, 2019 6:51 PM
    Moderator