How to verify the cipher suites of the managed instance

公紀 谷崎 0 Reputation points
2023-10-13T07:30:27.5366667+00:00

I want to verify the cipher suites used in Azure SQL Managed Instance. In order to comply with the requirement 12.3.3 of PCI DSS, I would like to specify the cipher suites used in the Managed Instance and take measures to disable any vulnerable ones.

Thank you in advance.

Azure SQL Database
{count} votes

2 answers

Sort by: Most helpful
  1. ShaktiSingh-MSFT 13,836 Reputation points Microsoft Employee
    2023-10-17T04:49:00.3166667+00:00

    Hi
    公紀 谷崎
    ,

    Thanks for your patience.

    I have got the reply from the internal team as below:

    Customer could not disable cipher suites in SQL MI. The good news is that cipher suites are negotiated, so only cipher suites customer have in its environment could be used.

    The page below covers all the security standards/regulations supported by various Azure services. AFAIK, this is the official documentation. For SQL in general, using the latest cipher suites will require upgrade to drivers, setting proper connection attributes & taking other steps. Below should cover all of these.

    https://learn.microsoft.com/en-us/azure/azure-sql/database/security-best-practice?view=azuresql

    Hope this helps. Let us know if your have further queries.

    Thank you!


  2. ShaktiSingh-MSFT 13,836 Reputation points Microsoft Employee
    2023-10-18T10:15:06.3133333+00:00

    Hi
    公紀 谷崎
    ,

    I have got the below reply:

    The IP address changes but that happens rarely – it's unlikely that would happen during the scan.

    Thanks

    0 comments No comments