堆栈内存溢出
  简体   繁体   English

如何将对SQL Server数据库的访问限制为特定IP?

[英]How do I limit access to my SQL Server database to specific IP?

 原文  2012-08-10 14:04:29       sql-server/ sql-server-2008

问题描述

Can I restrict access to a specific database on my SQL Server 2008 database based on client IP address? 我可以根据客户端IP地址限制对SQL Server 2008数据库中特定数据库的访问吗? If so, how do I do it? 如果是这样,我该怎么办? There are multiple databases on this server so we can't block access to the SERVER based on the IP, just a specific DATABASE. 此服务器上有多个数据库,因此我们无法阻止基于IP访问SERVER,只能访问特定的DATABASE。

3 个解决方案

解决方案1
 2  2012-08-10 14:35:12

You absolutely cannot do this at database granularity. 你绝对不能在数据库粒度上做到这一点。 You are talking about detecting things like queries using three part names ( [banned_db].[dbo].[table] ) and synonyms referencing the protected DB while using an unprotected DB. 您正在讨论使用三个部件名称( [banned_db].[dbo].[table] )和使用未受保护的数据库时引用受保护的数据库的同义词来检测查询等内容。 There just isn't any framework in place to do such. 没有任何框架可以做到这一点。 You must rely on access security (GRANT/DENY/REVOKE). 您必须依赖访问安全性(GRANT / DENY / REVOKE)。 At best, do what gbn suggests and separate the protected DB into it's own instance and then use Firewall rules to protect its ports. 充其量,做gbn建议并将受保护的数据库分成它自己的实例,然后使用防火墙规则来保护其端口。

解决方案2
 1  2012-08-10 14:28:58

Personally, I'd use security to do this. 就个人而言,我会使用安全性来做到这一点。 Limit access via permissions not via IP. 通过权限限制访问,而不是通过IP。

If you really do need IP address security (eg for banking Secrecy Jurisdictions like Switzerland or Singapore), then use separate servers 如果您确实需要IP地址安全性(例如,对于瑞士或新加坡等银行保密管辖区),请使用单独的服务器

解决方案3
 1  2012-11-15 21:33:21

There is currently no way to limit access to a specific database based on the network segment you are coming from. 目前无法根据您来自的网段限制对特定数据库的访问。 I can see the need for this to limit access to a production DB from a stage server. 我可以看到这需要限制从舞台服务器访问生产数据库。 I guess this is why there is the need to build different SQL servers for each environment. 我想这就是为什么需要为每个环境构建不同的SQL服务器。

I believe you can limit SQL access by application http://msdn.microsoft.com/en-us/library/bb669062.aspx 我相信你可以通过应用程序限制SQL访问http://msdn.microsoft.com/en-us/library/bb669062.aspx

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何使用Visual Studio 2008工具向特定用户授予对SQL Server Express数据库的访问权限? - How do I grant access to my SQL Server Express database to a specific user with Visual Studio 2008 tools? 如何在 SQL Server 2008 中使用我的 ip - How do I use my ip in SQL Server 2008 如何使用受信任的连接正确访问我的SQL Server数据库? - How do I properly access my SQL Server database with trusted connection? SQL - 我无法使用我的公共 IP 访问 SQL 服务器 - SQL - I cannot access a SQL Server using my public IP 如何授予用户对 SQL 服务器中数据库的读取权限? - How do I grant read access for a user to a database in SQL Server? 如何将Microsoft Access文件转换为SQL Server数据库? - How do I convert Microsoft Access file into SQL Server database? 如何将电子邮件存储到SQL Server数据库中? - How do I store emails into my SQL server database? 如何附加本地SQL Server数据库? - How do i attach my local SQL server database? sql-server:我怎么知道谁在我的数据库中? - sql-server: how do i know who is in my database? 如何缩小我的 SQL Server 数据库? - How do I shrink my SQL Server Database?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM