• K. Brian Kelley (4/15/2011)


    jinlye (4/15/2011)


    This seems like a lot of effort and increased overhead on your SQL database, for something that can be handled much more efficiently at the transport layer.

    If in your situation you can handle this much more efficiently at the transport layer, then you should. But if you can't (in a large organisation your empire as DBA may stop where your database ends, and you don't have control over the transport layer), then here is a cool idea for adding IP-based restrictions. YMMV.

    Exactly. I wrote the article in response to a question I received where the DBA was not getting support from the networking folks. My typical recommendation (check my blog) is to try and do this with a firewall between SQL Server and everything else (not the OS, but a separate device).

    Nice article, thanks.

    Too bad sometimes we end up doing things in the "wrong" place because we don't get assistance from those who could do it in the "right" place.

    I could accept this solution as a temporary workaround while the network guys do their homework, but I would definitely avoid it as a permanent solution.

    -- Gianluca Sartori