Limit SQL logical server firewall rule range

Security · SQL Database · 2020_06

Determine if there is an excessive number of permitted IP addresses set in the allowed IP list (CIDR range).

Description

Typically the number of IP address rules permitted through the firewall is minimal, with management connectivity from on-premises and cloud application connectivity the most common. This rule assesses the combined IP addresses from each Allowed IP firewall entry to check that the total allowed addresses is less than (10).

Recommendation

Reduce the size or count of the IP ranges set in the Firewall rules so that the total Allowed IPs are less than (10).

Example

Links

• Azure SQL Database and Azure Synapse IP firewall rules
• Create and manage IP firewall rules

---

Last update: 2022-09-19

Comments