Reputation: 47
I was asked this question earlier today and I am not clear about how it all hangs together.
I've recently opened up a 1433 outbound connection from my workplace firewall to connect to an Azure SQL database. I am using PowerBI Desktop as my client on my machine and using the standard PowerBI connector to Azure SQL Database.
I am able to connect to the Azure database and see the metadata and data and was able to author the report.
Now I have the following questions -
Thanks in advance!
Upvotes: 3
Views: 1750
Reputation: 15668
All data in transit coming from any Azure SQL Database or going to any Azure SQL Database is encrypted. Azure SQL Database does not allow non-encrypted connections. All this is happening on TCP port 1433. You cannot communicate with Azure SQL Database on a different port.
When a client first attempts a connection to SQL Server / SQL Azure, it sends an initial connection request. Consider this a "pre-pre-connection" request. At this point the client does not know if SSL/Encryption is required and waits for an answer from SQL Server/SQL Azure to determine if SSL is indeed required throughout the session (not just the login sequence, the entire connection session). A bit is set on the response indicating so. Then the client library disconnects and reconnects armed with this information.
When you set Encrypt to true you avoid the "pre-pre-connection", and you are preventing any proxy from turning off the encryption bit on the client side of the proxy; this way, attacks such as man-in-the-middle attacks are avoided.
When secure connections are needed, it is recommended to enable the "Encrypt connection" setting.
Upvotes: 4
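The encryption answer described in the post above travels in the ENCRYPTION option of the TDS PRELOGIN message, before any TLS protection exists. The following is an added example, not part of the original answer or of any driver's code: it parses that option from constructed payloads and applies a simplified client policy to show why a client that asked for `Encrypt=true` refuses a "not supported" reply. The function names, the sample payloads and the policy model are assumptions made for illustration; the token and value constants are the ones defined in MS-TDS.

```python
import struct

# PRELOGIN option token and ENCRYPTION values as defined in MS-TDS.
TOKEN_VERSION, TOKEN_ENCRYPTION, TOKEN_TERMINATOR = 0x00, 0x01, 0xFF
ENCRYPT = {0x00: "ENCRYPT_OFF", 0x01: "ENCRYPT_ON",
           0x02: "ENCRYPT_NOT_SUP", 0x03: "ENCRYPT_REQ"}

def build_prelogin(options):
    """Build a PRELOGIN payload (without the 8-byte TDS header) from {token: bytes}."""
    table_len = 5 * len(options) + 1   # 5 bytes per table entry plus terminator
    table, data = b"", b""
    for token, value in options.items():
        # Each entry: token, offset from payload start, length (big-endian).
        table += struct.pack(">BHH", token, table_len + len(data), len(value))
        data += value
    return table + bytes([TOKEN_TERMINATOR]) + data

def encryption_option(payload):
    """Return the name of the ENCRYPTION value carried in a PRELOGIN payload."""
    pos = 0
    while pos < len(payload) and payload[pos] != TOKEN_TERMINATOR:
        if pos + 5 > len(payload):
            raise ValueError("truncated option table")
        token, offset, length = struct.unpack_from(">BHH", payload, pos)
        if offset + length > len(payload):
            raise ValueError("option data lies outside the payload")
        if token == TOKEN_ENCRYPTION:
            if length != 1 or payload[offset] not in ENCRYPT:
                raise ValueError("malformed ENCRYPTION option")
            return ENCRYPT[payload[offset]]
        pos += 5
    raise ValueError("no ENCRYPTION option in PRELOGIN")

def client_accepts(encrypt_requested, server_payload):
    """Simplified client policy (assumption): proceed to login or not.
    With Encrypt=true the whole session must be encrypted, so any answer
    other than ENCRYPT_ON / ENCRYPT_REQ ends the connection."""
    answer = encryption_option(server_payload)
    if encrypt_requested:
        return answer in ("ENCRYPT_ON", "ENCRYPT_REQ")
    return True   # Encrypt=false: the client follows whatever it is told

# Constructed sample payloads: one as a server would send it, one as it would
# look after an on-path device rewrote the single ENCRYPTION byte.
VERSION = bytes([12, 0, 0x07, 0xD0, 0, 0])   # constructed version bytes
honest = build_prelogin({TOKEN_VERSION: VERSION, TOKEN_ENCRYPTION: b"\x01"})
downgraded = build_prelogin({TOKEN_VERSION: VERSION, TOKEN_ENCRYPTION: b"\x02"})
```

In this model only the client that did not request encryption continues after the rewritten reply, which is the case the "Encrypt connection" setting closes.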