After setting up the SQL Server ready for encrypted connections, it’s time to do the same for the clients. This is basically the same process that we already did at the server end, but let’s go through it once more. Instead of inbound firewall rule, we’ll create an outbound rule (surprise!) and connection security rule.
To set up IPSEC for a box running SQL Server starts with a simple step, by turning on your Windows Firewall with Advanced Security, if it’s not on already (which it definitely should be!).
After that you need to create two rules for your firewall. First the inbound rule, which allows the clients to connect to your server. And secondly a security rule, in which you define how the connections are authenticated and secured. You could do this directly from the firewall settings, but I prefer using Group Policies myself.
Just a small update here. This topic has been for the last 6 years, every year, in top 5 of most read posts in my site. I guess security never goes out of style!
A first post of 2014 and it sure took me awhile to write it up. I was hoping to return to this subject much sooner, however my work schedule has been just plain crazy. Just this week I’ve spent two nights migrating databases to new database clusters. The situation should fix itself in a couple of weeks though, with few bigger projects coming to completion.
But to return to the actual subject of securing SQL Server network traffic.. I previously wrote about using SSL for this purpose, a method that was quick and simple to implement. This was done in my Azure demo environment, which allowed me to take few shortcuts in the implementation. When dealing with production environments, you’ll naturally need to test, test and test it once more before actual implementation.(more…)
It has been couple weeks since my last post and as we’re going through the end of the year frenzy at the office, I find myself having little energy or time left after work to finish up my posts (I do have a couple of other posts waiting to be finished).
I previously wrote about different methods on how to secure the network traffic on your SQL Server. I mentioned there being two readily available tools that can accomplish this, the SSL and the IPSec. In this post, we’ll take a quick look at how the SSL is implemented on SQL Server.
A while back I had a request to encrypt communications between an instance of SQL Server and the clients connecting to it. I knew that SQL Server had the ability to use SSL to encrypt communications, so this all seemed simple enough to do. The easy way, however, didn’t work for me because of some of the older protocols used did not support SSL encryption. So I was encouraged to look at some other options.