Sie sind auf Seite 1von 9

SUBJECT:- SECURING A DATABASE USING

MICROSOFT AZURE CLOUD.


 What you will be learning in this practical?
1. Create server-level and database-level firewall rule.
2. Manage user access with SQL authentication .
3. Enable Security features , such as advanced data security , auditing , data
masking , and encryption.
 Prerequisites Required:- SQL Server Management Studio , An SQL Azure
Server and Database.

Step1:- Create an account on Azure Portal.

Step 2:- Login to your Azure portal.

Step 3:- In portal you can see left side panel , go to the panel and select SQL
Database Service.

Step 4:- Create a SQL Database Service.

Step 5: Go to Basics configuration -> give a name for a resource group in which
we will have a database.
Step 6: Give any Database name as per your choice.

Step 7:- Cretae new server as shown in right side panel.


Step 8:- After creating a server you will get by default storage shown as below.
Step 9:- Move to the Additional Settings.

Step 10:- Your database deployment will be starting , wait till the process gets
over.
Step 11:- Deployment is done , successfully database and server is created.

Step 12: Go to the Dashboard Select our Database from resource group , you
will be getting this type of view.
Step 13: In database -> move to Query Editor view -> try to sign up with the
creditionals you have given at the time of creating a server.

Step 14: setup database server firewall rules -> go to firewall settings -> add
client ip address and click ok.
Setup database firewall rules

Database-level firewall rules only apply to individual databases. The database will retain
these rules during a server failover. Database-level firewall rules can only be configured
using Transact-SQL (T-SQL) statements, and only after you've configured a server-level
firewall rule.

Step 15: Download SQL Server Management Studio.

Step 16:- Connect to a database using SSMS.

Step 17:- In object explorer, right click the database and select New query.

Step 18:- In the query window, add this statement and modify the IP address to
your public IP address. [EXECUTE sp_set_database_firewall_rule N'Example DB
Rule','X.X.X.X','X.X.X.X';]
Enable security features

Azure SQL Database provides security features that are accessed using the Azure portal. These features
are available for both the database and server, except for data masking, which is only available on the
database. To learn more, see Advanced data security, Auditing, Dynamic data masking, and Transparent
data encryption.

Advanced data security

The advanced data security feature detects potential threats as they occur and provides security alerts
on anomalous activities. Users can explore these suspicious events using the auditing feature, and
determine if the event was to access, breach, or exploit data in the database. Users are also provided a
security overview that includes a vulnerability assessment and the data discovery and classification tool.

Enable advanced data security:

1. In Azure portal, select SQL databases from the left-hand menu, and select your database on
the SQL databases page.
2. On the Overview page, select the Server name link. The database server page will open.
3. On the SQL server page, find the Security section and select Advanced Data Security.
a. Select ON under Advanced Data Security to enable the feature. Choose a storage account for
saving vulnerability assessment results. Then select Save.

NOTE:- If anomalous activities are detected, you receive an email with information on the
event. This includes the nature of the activity, database, server, event time, possible
causes, and recommended actions to investigate and mitigate the potential threat.