Database Scanner 3.0.1

The information in a company has become its most vital asset. A significant amount of that data resides in the databases that are being accessed by most employees running mission-critical applications. Securing your systems and data is one of the most important jobs an administrator can perform. Are your systems secure? Do you have any holes that can be used for unauthorized access? Do you have a security policy in place? Do you know what your security risks are?

If you are like the majority of DBAs out there, you don't have answers to those questions without spending hours going through servers. Since security is vital, why not? It is mainly because DBA resources are stretched extremely thin in an attempt to simply cover existing systems. Since you still need to manage security closely, you can either hire another DBA or purchase a product to help you manage security. Since we all know finding another qualified DBA is extremely difficult, that leaves us with using a product to manage security. This is the niche that Database Scanner from Internet Security Systems fits into.

Database Scanner is a very simple product to learn and use. It scans your system at both the NT and SQL Server level for anything that violates the security policy you have defined. Below is the main screen from which you launch this capability. Database Scanner ships with 3 predefined security policies for you to use. The first step is to get familiar with these policies and what things are scanned.

[Screenshot: Database Scanner main screen (dbscanner301-01.gif)]

Clicking the Set Security Policy button will display the screen below. This review utilizes the default Maximum security policy for Microsoft SQL Server. I've found that none of the predefined security policies are usable in a production environment out of the box. You will need to make a copy of the appropriate policy as a template and modify it to fit your needs in all cases. Take the time to get a feel for what has been set by default in each of the policies. The minimum security policy should be mostly adequate for 99% of the installations with a few minor changes. The maximum security policy is definitely overkill for all but the most security-conscious installations. Implementing the maximum policy will seriously hinder significant parts of functionality that applications normally make use of. My suggestion is to take the time to understand what each of the settings is, how it fits into an overall security audit, and why it is set to the value it is (even if you don't exactly agree with what the defaults are).

[Screenshot: Set Security Policy screen (dbscanner301-02.gif)]

Michael R. Hotek

All content on this site, except where noted, represents an original work of Michael R. Hotek and is protected by applicable copyright laws. The SQL Server FAQ is the sole work of Neil Pike. No page, portion of a page, or download may be used for commercial purposes in whole or in part without the express, written permission of the applicable author.