Configuring Advanced Threat Protection for Azure SQL Database
In this tutorial, we will learn and understand about configuring advanced threat protection for Azure SQL database.
Advanced Threat Protection for Azure SQL Database detects anomalous activities indicating unusual and potentially harmful attempts for accessing or exploiting databases. Moreover, it can locate Potential SQL injection, Access from unusual location or data center, Access from an unfamiliar principal or harmful application, and Brute force SQL credentials.
However, you can receive notifications about the detected threats via email notifications or the Azure portal. Advanced Threat Protection is part of the advanced data security offering that is a unified package for advanced SQL security capabilities. Further, Advanced Threat Protection can be accessed and managed via the central SQL Advanced Data Security portal.
Setting up Advanced Threat Protection in the Azure portal
- Firstly, sign into the Azure portal.
- Secondly, navigate to the configuration page of the server you want to protect. In the security settings, select Advanced Data Security.
- Thirdly, on the Advanced Data Security configuration page:
- Firstly, enable Advanced Data Security on the server.
- Then, in Advanced Threat Protection Setting there is Send alerts to the text box, that provides the list of emails for receiving security alerts upon detection of anomalous database activities.
Setting up Advanced Threat Protection using PowerShell
Azure hosts Azure Cloud Shell refers to an interactive shell environment that you can use through your browser. Moreover, you can use either Bash or PowerShell with Cloud Shell for working with Azure services. In this, you can also use the Cloud Shell preinstalled commands for running the code without having to install anything on your local environment.
For starting Azure Cloud Shell:
For running the code in Azure Cloud Shell:
- Firstly, start Cloud Shell.
- Secondly, select the Copy button on a code block to copy the code.
- Thirdly, paste the code into the Cloud Shell session by selecting Ctrl+Shift+V on Windows and Linux or by selecting Cmd+Shift+V on macOS.
- Lastly, select Enter to run the code.
However, if you choose to install and use PowerShell locally, this tutorial requires Az PowerShell 1.4.0 or later. And, if you need to upgrade, see Install Azure PowerShell module. Lastly, if you are running PowerShell locally, then you also require to run Connect-AzAccount to create a connection with Azure.
Reference: Microsoft Documentation