locked
SQL Server security question RRS feed

  • Question

  • Hi All,

    This is more of a security related question.
    Usually, we connect to Prod SQL Servers via Jump Servers. while connecting to jump server we get the verification code on mobile, we verify and we get access to the prod servers.
    We do a RDP or using SSMS we connect to prod env.

    Now, my question is, if we are having SSMS installed on local machine/laptop , we are also able to connect to prod servers. This is a potential security risk. How can we restrict such local connections.
    We want to allow connections only via jump servers and not from any local machine / laptop.

    Is there a way to restrict local connections from SQL Server side or do we need involve network team on this ? if network team is involved, what would they typically do in order to implement such process.
    Want to have some idea before reaching out to them.

    Please suggest.

    Thanks,
    Sam

    • Moved by Tom Phillips Tuesday, September 17, 2019 12:24 PM Security question
    Tuesday, September 17, 2019 6:10 AM

Answers

  • Thanks Cathy.
    Hi Sam,

    I am glad can help you. Did you resolve your issue? If you have resolved your issue, please mark the useful reply as answer. This can be beneficial to other community members reading the thread.
    In addition, if you have another questions, please feel free to ask.
    Thanks for your contribution.

    Best regards,
    Cathy


    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to  MSDN Support, feel free to contact MSDNFSF@microsoft.com

    • Marked as answer by Samantha v Friday, October 4, 2019 7:03 AM
    Thursday, September 19, 2019 10:03 AM

All replies

  • You need to setup a firewall rule on the machine where SQL is installed to allow connection only from specific machines/IPs


    - Vishal

    SqlAndMe.com

    Tuesday, September 17, 2019 8:55 AM
  • You either have access to the SQL Server, or you don't have access to the SQL Server.  There is no limitation based on the application which connects to SQL Server.

    Tuesday, September 17, 2019 12:26 PM
  • which means network team has to involved.
    Tuesday, September 17, 2019 2:06 PM
  • Hi Sam,

    I find a similar thread, please refer to Restrict an SQL Server connection to a specific IP address. Hope it could help you.

    Best regards,
    Cathy .

    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to  MSDN Support, feel free to contact MSDNFSF@microsoft.com

    Wednesday, September 18, 2019 9:11 AM
  • Thanks Cathy.
    Thursday, September 19, 2019 7:08 AM
  • Thanks Cathy.
    Hi Sam,

    I am glad can help you. Did you resolve your issue? If you have resolved your issue, please mark the useful reply as answer. This can be beneficial to other community members reading the thread.
    In addition, if you have another questions, please feel free to ask.
    Thanks for your contribution.

    Best regards,
    Cathy


    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to  MSDN Support, feel free to contact MSDNFSF@microsoft.com

    • Marked as answer by Samantha v Friday, October 4, 2019 7:03 AM
    Thursday, September 19, 2019 10:03 AM
  • Thanks for the help. We are working with Network team on this.
    Friday, October 4, 2019 7:04 AM