Configuration Manager now supports SQL Extended Protection for Authentication
Configuration Manager now supports SQL Extended Protection for Authentication. It's a security feature that...
Updated Jun 26, 2024
Version 2.0
Blog Post
Bala_Delli PalikaSingh
This post states that "SQL Extended Protection for Authentication" is a feature that is available starting in Configuration Manager 2405. I am running Configuration Manager 2303 with a database server (Windows Server 2019 V. 1809 Build 17763.6189) Running SQL Server 2022. On the database server (through SQL Server Configuration Manager) I was able to enable Extended Protection (set to "Required"). I subsequently was able to confirm that this effectively mitigated NTLM relay attacks against the Database server.
What exactly is the difference between what I did, and what is stated to be supported here? What benefit would I derive from upgrading to Configuration Manager 2405, that I don't already have with enabling Extended Protection via SQL Server Configuration Manager on my SQL Server as is (what is the distinction between the two)?