Denying access to a server

Archived from groups: microsoft.public.win2000.security (More info?)

I want to deny access to our SQL servers from all computers except for
specific computers. Is there a way to do this in windows with out having to
use a router and ACL's between the SQL servers and the rest of the network.
1 answer Last reply
More about denying access server
  1. Archived from groups: microsoft.public.win2000.security (More info?)

    You could configure an ipsec filtering policy on those servers. Ipsec filter
    policies use rules that use permit and block filter actions. Of course this
    would only work well if the computers that access it have static IP
    addresses. Start with a mirrored block all rule and then add a mirrored
    permit rule with the exceptions which would include the IP addresses of the
    allowed computers. Ipsec policies do not require reboots, are built into the
    operating system, and take effect shortly after assigning. Make sure you
    have physical access to the server to assign and test the policy. If you do
    it remotely and the policy is misconfigured, you could be blocked from
    access . See the link below for tips on
    setting up ipsec policies and info on and how to remove default exemptions
    with a registry change.. --- Steve

    http://www.securityfocus.com/infocus/1559
    http://support.microsoft.com/default.aspx?scid=kb;en-us;811832

    "brian.hesseling(at)lsrlaw.lsr"
    <brian.hesseling(at)lsrlaw.lsr@discussions.microsoft.com> wrote in message
    news:7EAE57A2-B531-4A4A-ABB8-CDEE01B8828E@microsoft.com...
    >I want to deny access to our SQL servers from all computers except for
    > specific computers. Is there a way to do this in windows with out having
    > to
    > use a router and ACL's between the SQL servers and the rest of the
    > network.
Ask a new question

Read More

Computers Servers SQL Windows