Firewall and Authentication
Firewall
There are two ways to connect to a database:
1. Go through the firewall
2. Authenticate yourself
Going through the firewall, there are two types of firewall:
1. Server-level firewall: Use server-level firewall rules for administrators and when you have many databases that have the same access requirements.
2. Database-level firewall: Use database-level firewall rules to enhance security and to make your database more portable. (You can specify an IP range.)
Authentication Workflow
In the first step, the user attempts to make a connection at the server level. If the requesting IP is within the range allowed by the server-level firewall, the request passes the server-level firewall and goes on to the database level, where the user authenticates.
If the IP is not in range, the request does not pass the server-level firewall and goes to the next firewall level, the database level, which checks whether the IP is within the firewall range given for that database. If it is, the request goes on to authentication. If not, the request to connect to the database fails.
Authentication
There are two types of authentication:
1. SQL Authentication: SQL Authentication is the alternative way to authenticate directly to Azure SQL Database.
- Individual account authentication only.
- Multi-server access requires multiple users.
- No built-in password expiration.
2. Azure Active Directory: Azure Active Directory authentication is a mechanism for connecting to Microsoft Azure SQL Database and SQL Data Warehouse by using identities in Azure Active Directory (Azure AD). With Azure AD authentication, you can centrally manage the identities of database users and other Microsoft services in one central location.
- Individual and group account authentication.
- One identity can be granted access to multiple servers.
- Password expiration follows the Azure AD policy.
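The two firewall levels and the two authentication types described above, shown as T-SQL. This is an added example, not code from the original post; the rule names, IP ranges (documentation address blocks), user names and group name are all constructed, and the password is a placeholder.

```sql
-- Added example; rule names, IP ranges and principal names are constructed.
-- Azure SQL Database does not support USE: run each part on a connection
-- to the database named in its comment.

-- Part 1: connected to master as a server administrator.
-- Server-level rule: one range that applies to every database on the server.
EXECUTE sp_set_firewall_rule
    @name = N'corp-admin-range',
    @start_ip_address = '203.0.113.10',
    @end_ip_address   = '203.0.113.20';

-- Part 2: connected to the user database.
-- Database-level rule: stored inside the database, so it travels with it.
EXECUTE sp_set_database_firewall_rule
    @name = N'app-tier',
    @start_ip_address = '198.51.100.7',
    @end_ip_address   = '198.51.100.7';

-- SQL Authentication: an individual account with its own password.
CREATE USER app_reader WITH PASSWORD = '<replace-with-strong-password>';
ALTER ROLE db_datareader ADD MEMBER app_reader;

-- Azure AD authentication: one group identity, managed centrally.
-- Requires a connection made with an Azure AD identity.
CREATE USER [sql-readers-group] FROM EXTERNAL PROVIDER;
ALTER ROLE db_datareader ADD MEMBER [sql-readers-group];

-- Part 3: still in the user database. Review its rules, widest range first,
-- so overly broad ranges stand out.
SELECT r.name, r.start_ip_address, r.end_ip_address,
       e.n - s.n + 1 AS address_count
FROM sys.database_firewall_rules AS r
CROSS APPLY (SELECT CAST(PARSENAME(r.start_ip_address, 4) AS bigint) * 16777216
                  + CAST(PARSENAME(r.start_ip_address, 3) AS bigint) * 65536
                  + CAST(PARSENAME(r.start_ip_address, 2) AS bigint) * 256
                  + CAST(PARSENAME(r.start_ip_address, 1) AS bigint) AS n) AS s
CROSS APPLY (SELECT CAST(PARSENAME(r.end_ip_address, 4) AS bigint) * 16777216
                  + CAST(PARSENAME(r.end_ip_address, 3) AS bigint) * 65536
                  + CAST(PARSENAME(r.end_ip_address, 2) AS bigint) * 256
                  + CAST(PARSENAME(r.end_ip_address, 1) AS bigint) AS n) AS e
ORDER BY address_count DESC;
```

The same review query works for server-level rules when run in master against sys.firewall_rules.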
The next post will cover a demo of the firewall and authentication module.