question

ripefica avatar image
ripefica asked

I have a requirement to ensure that our service accounts (that connect to SQL) are not used by anyone but the by the APPLICATION itself also excluding access via SSMS

I have a requirement to ensure that our service accounts (that connect to SQL) are not used by anyone but the by the APPLICATION itself (also excluding access via SSMS)

securityaccess
4 comments
10 |1200

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Ok, what's the question here?

0 Likes 0 ·

Hi John. I want to guarantee my SQL connections are only allowed from one source, in this case, from the application server. All other connections must be refused.

0 Likes 0 ·

Domain/windows service accounts or service accounts using sql logins?

0 Likes 0 ·

Hi @KenJ its Service Accounts using SQL Logins.

0 Likes 0 ·

1 Answer

·
JohnM avatar image
JohnM answered

I think that I'd do this at the network level as it'll probably be easy to manage. Secondly you could use windows Firewall to block any connections other than certain IP's. However, with that said, you're going to want to allow 1433 for any DBA's so that they can administer the instance.

10 |1200

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Write an Answer

Hint: Notify or tag a user in this post by typing @username.

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.