FrankFromHR
New Member

More Secure SQL Server on VM DB (CDC) source to an eventstream directions?

I'm trying to find directions on a more secure method of allowing Eventstream to access an internal SQL Database. I don't want to allow just any IP address to access our SQL Server from the internet; that is a good recipe for getting Zero Day hacked. It doesn't appear there are any virtual network service tags for Eventstream. I did find the following: https://learn.microsoft.com/en-us/fabric/security/fabric-allow-list-urls#eventstream, but it doesn't have anything for Port 1433. Would the Data Warehouse be the correct Allow List to manage which connections are allowed in?

6 REPLIES
v-pnaroju-msft
Community Support

Hi FrankFromHR,

We are following up to see if your query has been resolved. Should you have identified a solution, we kindly request you to share it with the community to assist others facing similar issues.

If our response was helpful, please mark it as the accepted solution and provide kudos, as this helps the broader community.

Thank you.

v-pnaroju-msft
Community Support

Hi FrankFromHR,

We wanted to check in regarding your query, as we have not heard back from you. If you have resolved the issue, sharing the solution with the community would be greatly appreciated and could help others encountering similar challenges.

If you found our response useful, kindly mark it as the accepted solution and provide kudos to guide other members.

Thank you.

v-pnaroju-msft
Community Support

Hi FrankFromHR,

We have not received a response from you regarding the query and were following up to check if you have found a resolution. If you have identified a solution, we kindly request you to share it with the community, as it may be helpful to others facing a similar issue.

If you find the response helpful, please mark it as the accepted solution and provide kudos, as this will help other members with similar queries.

Thank you.

v-pnaroju-msft
Community Support

Thank you, @lbendlin, for your response.

Hi FrankFromHR,

We appreciate your inquiry through the Microsoft Fabric Community Forum.

Based on my understanding, exposing port 1433 to the public is a potential security risk. Currently, Microsoft Fabric Eventstreams require the source to be accessible from Fabric’s public infrastructure, as VNet integration or Private Endpoints are not yet supported for Eventstream connections.

Kindly follow the steps below which may help you establish a secure and controlled connection without broadly exposing your server, thereby resolving the issue:

  1. You may restrict access to your SQL Server by configuring your firewall or Network Security Group (NSG) to allow inbound access on port 1433 only from Fabric’s IP ranges. This will ensure that only Microsoft Fabric can connect, and general internet traffic will be blocked.
  2. For enhanced security, we recommend adopting a push-based architecture. In this approach, your SQL Server (CDC) changes can be securely pushed to Azure Event Hub, which then feeds into Fabric Eventstream. This method eliminates the need to expose the SQL Server port and ensures full security through Azure networking.
    You can use tools such as Kafka Connect or Logic Apps to extract the CDC changes and send them securely to Azure Event Hub, followed by connecting Fabric Eventstream to that Event Hub.

If you find our response helpful, we kindly request you to mark it as the accepted solution and provide kudos. This will assist other community members facing similar issues.

Should you have any further queries, please feel free to contact the Microsoft Fabric community.

Thank you.
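
A check for the first option in the reply above (allowing inbound 1433 only from specific ranges), as an added example that is not part of the thread: it audits NSG rules in the flattened shape that `az network nsg rule list` emits and reports every inbound Allow rule that lets a source outside the allowlist reach TCP 1433. The allowlist range and the sample rules are constructed placeholders, not real Fabric addresses.

```python
import ipaddress

# Placeholder allowlist (documentation range), NOT real Fabric addresses.
ALLOWED_SOURCES = [ipaddress.ip_network("203.0.113.0/24")]
SQL_PORT = 1433

def _values(rule, single, plural):
    # NSG rules carry a single value or a list; merge both fields.
    return list(rule.get(plural) or []) + ([rule[single]] if rule.get(single) else [])

def _covers_port(rule, port):
    for spec in _values(rule, "destinationPortRange", "destinationPortRanges"):
        if spec == "*":
            return True
        lo, _, hi = spec.partition("-")
        if int(lo) <= port <= int(hi or lo):
            return True
    return False

def _source_ok(prefix):
    """True only for an IP/CIDR that lies fully inside the allowlist."""
    try:
        net = ipaddress.ip_network(prefix, strict=False)
    except ValueError:  # "*", "Internet" or another service tag
        return False
    return any(net.version == a.version and net.subnet_of(a) for a in ALLOWED_SOURCES)

def audit_sql_exposure(rules):
    """List (rule name, source) pairs that admit other sources to TCP 1433."""
    findings = []
    for rule in sorted(rules, key=lambda r: r["priority"]):
        if (rule["direction"], rule["access"]) != ("Inbound", "Allow"):
            continue
        if rule["protocol"].lower() not in ("tcp", "*") or not _covers_port(rule, SQL_PORT):
            continue
        for src in _values(rule, "sourceAddressPrefix", "sourceAddressPrefixes"):
            if not _source_ok(src):
                findings.append((rule["name"], src))
    return findings

# Constructed sample rules (not from the thread).
BASE = {"direction": "Inbound", "access": "Allow", "protocol": "Tcp"}
SAMPLE_RULES = [
    {**BASE, "name": "allow-cdc-source", "priority": 100, "sourceAddressPrefixes": ["203.0.113.0/25"], "destinationPortRange": "1433"},
    {**BASE, "name": "allow-sql-any", "priority": 200, "sourceAddressPrefix": "*", "destinationPortRange": "1433"},
    {**BASE, "name": "allow-db-range", "priority": 300, "sourceAddressPrefix": "Internet", "destinationPortRanges": ["1400-1500"]},
    {**BASE, "name": "allow-https", "priority": 400, "sourceAddressPrefix": "*", "destinationPortRange": "443"},
]
```

`audit_sql_exposure(SAMPLE_RULES)` flags `allow-sql-any` and `allow-db-range`. The check is conservative: it does not account for a higher-priority Deny rule that shadows a flagged Allow.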




FrankFromHR
New Member

These are the directions from the document that I linked. 

  • Server: Enter the publicly accessible IP address or domain name of your VM, and then add a colon and the port. For example, if your IP address is xx.xxx.xxx.xxx and the port is 1433, then you should enter xx.xxx.xxx.xxx:1433 in the Server field. If the port isn't specified, the default port value 1433 is used.

Nothing about that is secure, it's asking me to expose my SQL server to the public internet. If the SQL server pushed data to Eventstream I wouldn't need to expose 1433 to the public internet, I would configure the SQL Server not the Eventstream connection. 

lbendlin
Super User
Super User

Eventstreams are things where your data source pushes out data to the destination, instead of responding to polling. There is no security issue in a push scenario.
