Hello and welcome to part two of our series on Azure data security, where we will demo Azure Private Link and talk about restricting access at the firewall level as well as access control. We will demonstrate how an Azure Private Endpoint provides a way to connect to a SQL Server PaaS instance using only private networks. We will see how the SQL Server public firewall rules work and provide some security guidelines on how to secure Private Link Endpoints from source networks. View the Azure Private Link demo video on our YouTube Channel.

The illustration below, taken from the video in part 1, shows the different access layers. In this demo video, we focus on the perimeter network before authentication, data security, and monitoring. We also use access control and role-based access to provide access to a user account using an Azure AD identity, dbreader@lanet.co.uk. This account has no access to the SQL Server object or database at the Azure platform level. The account only has read access to the database and so cannot alter any server-level firewall rules or other administrative settings.

Azure Data Security Layers

Please join us in part three where we will cover data level security with data masking, classification, and auditing.

Please visit our YouTube channel (and subscribe) to see our other videos in this series and more at https://LANETYouTube
Also, visit us at www.lanet.co.uk and check out our Azure Marketplace offering(s) here: http://bit.ly/LaNetSecurity

LANET is a Microsoft Gold Cloud Platform and Silver Security Partner specialising in Microsoft Azure cloud infrastructure security.