Cloudera Community

Support Questions

Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search
Announcements
Celebrating as our community reaches 100,000 members! Thank you!
Solved Go to solution

Connecting to MS SQL Server through secured line

Labels:
avatar
author-rank kums
Expert Contributor

Created ‎06-13-2018 06:29 PM

Team,

I build a new cluster and we have jobs to pull data out of MS SQL Server.

MS SQL Server listens on port 1433 and our Network Security team has denied to open firewall between our Hadoop Cluster and MS SQL Server saying that port 1433 is a non secure port.

MS SQL DBAs said that they cannot enable SSL on the DB side because other applications(legacy) would not be able to connect to MS SQL Server.

Now from hadoop side we need to ensure our connections are secure.

Has anybody faced this situation ?

thanks

Kumar

898 Views
0 Kudos
1 ACCEPTED SOLUTION

avatar
author-rank arald
Super Collaborator

Created ‎06-14-2018 08:05 AM

it's quite usual, that the DB servers are protected from access from the internet, and if your hadoop cluster is not in the company network, it is considered as being internet, so you security team will not allow access.

You can discuss with your networks security team, if a VPN tunnel from your hadoop cluster to the sql server is possible, but in most cases, network security will require in that cases to apply all internal security standards on your hadoop cluster as well, as otherwise they are not considered as trustworthy.

Another option is, if a SSH connection is allowed from the ms SQL server to your hadoop cluster, in that case you could tunnel the port 1433 as well to use it from hadoop.

A common solution to this situation is also to migrate the hadoop cluster from a cloud location to a on premise installation.

View solution in original post

799 Views
0 Kudos
1 REPLY 1

avatar
author-rank arald
Super Collaborator

Created ‎06-14-2018 08:05 AM

it's quite usual, that the DB servers are protected from access from the internet, and if your hadoop cluster is not in the company network, it is considered as being internet, so you security team will not allow access.

You can discuss with your networks security team, if a VPN tunnel from your hadoop cluster to the sql server is possible, but in most cases, network security will require in that cases to apply all internal security standards on your hadoop cluster as well, as otherwise they are not considered as trustworthy.

Another option is, if a SSH connection is allowed from the ms SQL server to your hadoop cluster, in that case you could tunnel the port 1433 as well to use it from hadoop.

A common solution to this situation is also to migrate the hadoop cluster from a cloud location to a on premise installation.

800 Views
0 Kudos
webinar banner
Announcements
Product Announcements
[ANNOUNCE] Cloudera on Public Cloud Runtime 7.2.18 is GA!
What's New @ Cloudera
Cloudera Operational Database (COD) supports enhancements to...
Community Announcements
March 2024 Community Highlights
Community Announcements
Celebrating 100,000 Members: A Journey of Growth and Connect...
Product Announcements
[ANNOUNCE] New Cloudera JDBC Connector for Apache Hive 2.6.2...
View More Announcements
meetups banner