Sql server 2005 Security Best Practices Operational and Administrative Tasks

SQL Server 2005 Security Best Practices - Operational and Administrative Tasks

Writers: Bob Beauchemin, SQLskills

Technical Reviewers: Laurentiu Cristofor, Al Comeau, Sameer Tejani, Devendra Tiwari, Rob Walters, Niraj Nagrani

Published: March 2007

Applies To: SQL Server 2005 SP2

Summary: Security is a crucial part of any mission-critical application. This paper describes best practices for setting up and maintaining security in SQL Server 2005.

Copyright

This White Paper is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS DOCUMENT.

Complying with all applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording, or otherwise), or for any purpose, without the express written permission of Microsoft Corporation.

Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document. Except as expressly provided in any written license agreement from Microsoft, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property.

Unless otherwise noted, the example companies, organizations, products, domain names, e-mail addresses, logos, people, places and events depicted herein are fictitious, and no association with any real company, organization, product, domain name, email address, logo, person, place or event is intended or should be inferred.

 2007 Microsoft Corporation. All rights reserved.

Microsoft, Active Directory, Windows, Windows Server, and Windows Vista are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries.

The names of actual companies and products mentioned herein may be the trademarks of their respective owners.

Table of Contents

Introduction

Surface Area Reduction

• 
  Database Engine
  
• 
  Analysis Services Engine
  
• 
  Reporting Services
  
• 
  Integration Services
  
• 
  Notification Services
  
• 
  Documentation and Samples
  

SQL Server has always been a feature-rich database and the number of new features in SQL Server 2005 can be overwhelming. One way to make a system more secure is to limit the number of optional features that are installed and enabled by default. It is easier to enable features when they are needed than it is to enable everything by default and then turn off features that you do not need. This is the installation policy of SQL Server 2005, known as "off by default, enable when needed." One way to ensure that security policies are followed is to make secure settings the default and make them easy to use.

SQL Server 2005 provides a "one-stop" utility that can be used to enable optional features on a per-service and per-instance basis as needed. Although there are other utilities (such as Services in Control Panel), server configuration commands (such as sp_configure), and APIs such as WMI (Windows Management Instrumentation) that you can use, the SQL Server Surface Area Configuration tool combines this functionality into a single utility program. This program can be used either from the command line or via a graphic user interface.

SQL Server Service Area Configuration divides configuration into two subsets: services and connections, and features. Use the Surface Area Configuration for Services and Connections tool to view the installed components of SQL Server and the client network interfaces for each engine component. The startup type for each service (Automatic, Manual, or Disabled) and the client network interfaces that are available can be configured on a per-instance basis. Use the Surface Area Configuration for Features tool to view and configure instance-level features.

The features enabled for configuration are:

• 
  CLR Integration
  
• 
  Remote use of a dedicated administrator connection
  
• 
  OLE Automation system procedures
  
• 
  System procedures for Database Mail and SQL Mail
  
• 
  Ad hoc remote queries (the OPENROWSET and OPENDATASOURCE functions)
  
• 
  SQL Server Web Assistant
  
• 
  xp_cmdshell availability
  

• 
  HTTP endpoints
  
• 
  Service Broker endpoint
  

sac in server1.out –S server2

EXEC sp_configure 'show advanced options', 1

GO

-- Update the currently configured value for advanced options.

GO

-- Disable the feature.

GO

-- Update the currently configured value for this feature.

GO
In SQL Server 2005, SQL Server Browser functionality has been factored into its own service and is no longer part of the core database engine. Additional functions are also factored into separate services. Services that are not a part of the core database engine and can be enabled or disabled separately include:

• 
  SQL Server Active Directory Helper
  
• 
  SQL Server Agent
  
• 
  SQL Server FullText Search
  
• 
  SQL Server Browser
  
• 
  SQL Server VSS Writer
  

Best practices for surface area reduction

• 
  Install only those components that you will immediately use. Additional components can always be installed as needed.
  
• 
  Enable only the optional features that you will immediately use.
  
• 
  Review optional feature usage before doing an in-place upgrade and disable unneeded features either before or after the upgrade.
  
• 
  Develop a policy with respect to permitted network connectivity choices. Use SQL Server Surface Area Configuration to standardize this policy.
  
• 
  Develop a policy for the usage of optional features. Use SQL Server Surface Area Configuration to standardize optional feature enabling. Document any exceptions to the policy on a per-instance basis.
  
• 
  Turn off unneeded services by setting the service to either Manual startup or Disabled.