My organization had a security audit and was told that we need to DISABLE the "allow remote connection to this server" option for all of our SQL Servers. What impact would this have on connection to the SQL Server via Management Studio (SSMS) from a client machine/desktop or from a web app that might use a connection string or any other external app? All of the documentation I see regarding connectivity issues to a SQL Server seem to include "ENABLING" this option as a solution. Is there a workaround that will allow us to disable it but still allow the access we need from the target clients?
We have multiple versions that we would be doing this on 2012, 2014, 2016 and 2017.
The "allow remote connection to this server" option in SSMS (Server Properties-->Connections) is actually the remote access configuration option. This option is often mistaken for enabling remote network connectivity via SQL Server Configuration Manager, which might be what you've read.
The remote access option is a long deprecated feature that will be removed in a future SQL Server version. It will likely have no impact but your environment may be atypical so you may want to first test in a pre-prod environment before making the change in prod.
Below is the excerpt from the documentation.
The remote access option controls the execution of stored procedures from local or remote servers on which instances of SQL Server are running. This default value for this option is 1. This grants permission to run local stored procedures from remote servers or remote stored procedures from the local server. To prevent local stored procedures from being run from a remote server or remote stored procedures from being run on the local server, set the option to 0.