Security of in-transit data for Geo-Replication in Azure SQL Database

Hi,

We want to enable Geo-Replication in Azure SQL Database. However for compliance reasons, we want to be sure that replication to secondary region happens over a secure encrypted channel.

Is there any documentation available to confirm that data in-transit during geo-replication goes over a secure encrypted channel?

I have looked into Microsoft Azure Trust center and there is a brief mention about using standard protocols for in-transit data. However I could not find information related to which protocols are used and how security of in-transit data is ensured. 

Thanks,
Gaurav

August 24th, 2015 9:12am

Hi Gaurav,

I think by default it is not encrypted.

So you need to ether procure a private channel that allows encyption, or perhaps use OpenSSH.

Free Windows Admin Tool Kit Click here and download it now
September 1st, 2015 2:56pm
Hi Gaurav, SQL database geo-replication uses secure channel. If you are using V11 servers the SSL certificates are global and regularly rotated. If you are using V12 servers the certificates are scoped to the individual logical servers. This provides secure channel isolation not only between different customers but also between different applications. Based on this post I have filed a work time to reflect this in the documentation as well.
September 4th, 2015 6:22pm
Hi Gaurav, SQL database geo-replication uses secure channel. If you are using V11 servers the SSL certificates are global and regularly rotated. If you are using V12 servers the certificates are scoped to the individual logical servers. This provides secure channel isolation not only between different customers but also between different applications. Based on this post I have filed a work time to reflect this in the documentation as well.
Free Windows Admin Tool Kit Click here and download it now
September 4th, 2015 6:25pm
Hi Gaurav, SQL database geo-replication uses secure channel. If you are using V11 servers the SSL certificates are global and regularly rotated. If you are using V12 servers the certificates are scoped to the individual logical servers. This provides secure channel isolation not only between different customers but also between different applications. Based on this post I have filed a work time to reflect this in the documentation as well.
September 4th, 2015 10:14pm
Hi Gaurav, SQL database geo-replication uses secure channel. If you are using V11 servers the SSL certificates are global and regularly rotated. If you are using V12 servers the certificates are scoped to the individual logical servers. This provides secure channel isolation not only between different customers but also between different applications. Based on this post I have filed a work time to reflect this in the documentation as well.
Free Windows Admin Tool Kit Click here and download it now
September 4th, 2015 10:14pm
Hi Gaurav, SQL database geo-replication uses secure channel. If you are using V11 servers the SSL certificates are global and regularly rotated. If you are using V12 servers the certificates are scoped to the individual logical servers. This provides secure channel isolation not only between different customers but also between different applications. Based on this post I have filed a work time to reflect this in the documentation as well.
September 4th, 2015 10:14pm
Hi Gaurav, SQL database geo-replication uses secure channel. If you are using V11 servers the SSL certificates are global and regularly rotated. If you are using V12 servers the certificates are scoped to the individual logical servers. This provides secure channel isolation not only between different customers but also between different applications. Based on this post I have filed a work time to reflect this in the documentation as well.
Free Windows Admin Tool Kit Click here and download it now
September 4th, 2015 10:14pm

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics