Azure SQL Database must only use approved firewall settings deemed by the organization to be secure, including denying azure services access to the server.

An XCCDF Rule

Description

<VulnDiscussion>Use of nonsecure firewall settings, such as allowing azure services to access the server, exposes the system to avoidable threats.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID: SV-255347r879756_rule
Severity: Medium
References: CCI-001762
Updated: about 1 year ago

Assign the approved policy to Azure SQL Database.
1. From the Azure Portal Dashboard, click "Set Server Firewall".
2. Review the Allow Azure services and resources to access this server option.
3. Uncheck the box to "Deny Azure" services and resources to access this server.
4. Click "Save".
For more information about connection policies:
https://docs.microsoft.com/en-us/azure/azure-sql/database/connectivity-architecture

Azure SQL Database must only use approved firewall settings deemed by the organization to be secure, including denying azure services access to the server.

Description

Remediation - Manual Procedure