Join Log in
Score:1
avatar Server

Managing Firewall Rules for Azure Analysis Services

jp flag
Jazza

My customer (a legal firm) has an Azure Analysis Services database. Access to the model is tightly controlled to prevent leakage of confidential data. Employees who need to access the model whilst working from home can only do so if their public IP address has been whitelisted by adding a firewall rule to the server. However, the company VPN software (which is always on and cannot be disabled by users) assigns a new IP address each time they log on, which means the firewall rules need constant updating.

Is there an easier to maintain/update the firewall rules in such a scenario? I don't know the specifics of the VPN software, so not sure to what extent it can assign the same IP address to each user.

70
0 + 0
vpn
Score:0
avatar Server
ng flag
Sam Cogan

You only really have a few options here:

  • Change the VPN to use a static outbound IP (or list of IP's). This is a fairly common requirement for VPN
  • Connect your VPN network directly to Azure using either Azure VPN or Express Route, configure Private Endpoints for your database in Azure to route traffic over the private network when on the VPN
  • Grant users rights to add IP's to the SQL firewall (and provide the training on how to do this), not reccomended.
0 + 0
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.