Network Security in Azure SQL simplified….

Network security is the most important aspect of security in Azure SQL.
Below are the options available with increased security

0 Allow any azure service in any subscription to access
- Least secure

1 Firewall Rules
- Need to create firewall rules for every single service that we need to connect to
- Dynamic IPs not possible
- Connects via public IP addresses

2 Virtual Network Rules
- VNet peering (VNet2VNet, VNet gateway) between consumer network and SQL network
- Fully private connection
- DNS hierarchy gives the public IP address

3 Private Link
- Create a private link endpoint on the SQL network
- This would be the only way to connect
- DNS hierarchy only gives the private IP address