This is more of a security related question.
Usually, we connect to Prod SQL Servers via Jump Servers. while connecting to jump server we get the verification code on mobile, we verify and we get access to the prod servers.
We do a RDP or using SSMS we connect to prod env.
Now, my question is, if we are having SSMS installed on local machine/laptop , we are also able to connect to prod servers. This is a potential security risk. How can we restrict such local connections.
We want to allow connections only via jump servers and not from any local machine / laptop.
Is there a way to restrict local connections from SQL Server side or do we need involve network team on this ? if network team is involved, what would they typically do in order to implement such process.
Want to have some idea before reaching out to them.