Some people do that, although I think it is more of 'security through obscurity'. The ports would be discoverable through an nmap scan anyhow.

Consider enabling TLS connections on your SQL Server.

HI

how to enable TLS connections in sql server , is it necessary for deploying sharepoint 2013 using sql server back end,

or

can i consider for using sql aliases in sharepoint servers and leave default ports in sql server ?

In the SQL Server Configuration Manager, under SQL Server Network Configuration, right click on Protocols for <InstanceName>, go to Properties, and change Force Encryption to Yes. There shouldn't be anything that you need to do.

I use SQL Aliases when I'm not using AlwaysOn listeners. You should always use SQL Aliases when using single SQL Servers, Clusters, or any HA method that doesn't involve an AlwaysOn listener.

HI,

thanks 

- i did not get that point you told AlwaysOn listeners ,

AlwaysOn Listeners are for when using SQL AlwaysOn. If you aren't using that, then don't worry about it. But do make sure to implement a SQL Alias on your SharePoint server(s).

we have plan to make sql server cluster and always on ,

we are deploying internet based portal for our organization its the portal for one of governmental.

so actually i want to know more about sql server security and high availability methods

-if we use sql aliases in sharepoint servers for a named instance ,

how it will take affect on implement all high availability methods and disaster recovery methods for sql server ? 

or can i open other thread for above line

If you're using AlwaysOn, simply point SharePoint at the listener name. You should be familiar with AlwaysOn Listeners prior to deployment. AlwaysOn provides local High Availability for SharePoint. Disaster Recovery is an entirely different matter (as usually the DR data center would be too far away to leverage AlwaysOn in Sync mode).