question

ripefica avatar image
ripefica asked

I have a requirement to ensure that our service accounts (that connect to SQL) are not used by anyone but the by the APPLICATION itself also excluding access via SSMS

I have a requirement to ensure that our service accounts (that connect to SQL) are not used by anyone but the by the APPLICATION itself (also excluding access via SSMS)

securityaccess
4 comments
10 |1200
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

JohnM avatar image JohnM ·

Ok, what's the question here?

0 Likes 0 ·
ripefica avatar image ripefica JohnM ·

Hi John. I want to guarantee my SQL connections are only allowed from one source, in this case, from the application server. All other connections must be refused.

0 Likes 0 ·
KenJ avatar image KenJ ·

Domain/windows service accounts or service accounts using sql logins?

0 Likes 0 ·
ripefica avatar image ripefica ·

Hi @KenJ its Service Accounts using SQL Logins.

0 Likes 0 ·

1 Answer

·
JohnM avatar image
JohnM answered

I think that I'd do this at the network level as it'll probably be easy to manage. Secondly you could use windows Firewall to block any connections other than certain IP's. However, with that said, you're going to want to allow 1433 for any DBA's so that they can administer the instance.

10 |1200
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Write an Answer

Hint: Notify or tag a user in this post by typing @username.

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.