Reputation: 915
Security of in-transit data for Geo-Replication in Azure SQL Database
We want to enable Geo-Replication in Azure SQL Database. However for compliance reasons, we want to be sure that replication to secondary region happens over a secure encrypted channel.
Is there any documentation available to confirm that data in-transit during geo-replication goes over a secure encrypted channel?
I have looked into Microsoft Azure Trust center and there is a brief mention about using standard protocols for in-transit data. However I could not find information related to which protocols are used and how security of in-transit data is ensured.
Upvotes: 0
Views: 149
Answers (1)
Reputation: 189
Thank you for this question. Yes, the geo-replication uses a secure channel. If you are using V11 servers the SSL certificates are global and regularly rotated. If you are using V12 servers the certificates are scoped to the individual logical servers. This provides secure channel isolation not only between different customers but also between different applications. Based on this post I have filed a work time to reflect this in the documentation as well.
Upvotes: 1
Related Questions
- How should logins and users be created on a geo-redundant database in Azure?
- Azure SQL - GEO-REPLICATION : Data loss?
- SQL Azure Geo Replication for non-redunancy purposes
- Speed and Impact of Azure SQL Geo-Replication Sync
- Azure SQL Database Active Geo-Replication
- If I create an Geo-replicated sql database in azure, what database does the user connect to?
- Handling external data source on Azure SQL and geo-replication
- Problems in Azure Geo Replication
- Geo-replicating and traffic routing an Azure hosted ASP .Net 5 site and backing SQL database across continents
- Sql database on geo redundant storage in Azure