Azure SQL Database must only use approved firewall settings deemed by the organization to be secure, including denying public network access.

An XCCDF Rule

Description

<VulnDiscussion>Use of nonsecure firewall settings, such as allowing public access, exposes the system to avoidable threats.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID: SV-255346r879756_rule
Severity: Medium
References: CCI-001762
Updated: about 1 year ago

Assign the approved policy to Azure SQL Database.
1. From the Azure Portal Dashboard, click on the database.
2. Click "Set Server Firewall".
3. Review the public network access option.
4. Check the box to "Disable" public network access.
5. Click "Save".
For more information about connection policies:
https://docs.microsoft.com/en-us/azure/azure-sql/database/connectivity-architecture

Azure SQL Database must only use approved firewall settings deemed by the organization to be secure, including denying public network access.

Description

Remediation - Manual Procedure