Azure-SQLServer-SQL-Server-Minimum-TLS-Version

Severity : High

Description: This control ensures that SQL server uses TLS version set to a minimum version for any transport layer connectivity. The Azure supports TLS 1.0, 1.1, and 1.2. Setting a minimal TLS version ensures that newer TLS versions are supported. The newer versions fix the vulnerabilities in previous versions. The security best practice recommend to patch the security vulnerabilities quickly and set a minimal version of accepted TLS version to make sure that old versions with known high degree of security vulnerabilities are not deployed in the network. The recommended minimum version for Microsoft Azure SQL server is TLS 1.2.

Remediation Steps:

Perform following to Remove all non-required guest users :

1. Login to Azure Portal using https://portal.azure.com.

2. Navigate to All resources. Search for SQL server resources.

3. Under the Security, select Firewalls and virtual networks.

4. Select the Minimum TLS Version desired for all SQL Databases associated with the server.

5. Select Save.

Important:

Reference:

• https://docs.microsoft.com/en-us/azure/azure-sql/database/connectivity-settings#set-the-minimal-tls-version-via-powershell