June 23, 2003 at 3:16 am
Completely agree with the points made about security David, it's usually what you don't know about that the latest hack will take advantage of. Recognising that, whilst at the same time testing and applying the latest patches as they become available keeps you from becoming complacent and alert to the risk.
Security issues aside, I've experience running SQL Server 7 & 2000 against IIS and have found that the two most definitely DO compete for memory even on relatively lightly loaded systems. I'm sure it's possible to get a good compromise between the two on a system with plenty of RAM, although personally I don't like limiting the memory that SQL Server can allocate to itself, especially if it is being used in a changing environment and hosting more than just one database, as memory requirements can grow and cause problems you didn't expect when first tuning for optimal memory needs. In a sentence, IIS and SQL Server don't make good bedmates. You can spend more time sorting out the issues than buying a new server.
The other practical problem I've found is that third party vendors like to release patches to their (web based) software on a regular basis, and some of these require server re-boots to initialise IIS components. Obviously this is hardly ideal if the database server is hosted on the same box, serving up data to more than a single set of users using different apps, as the outage will take down all of the apps., not just the one that needs patching.
However, for hosting internal development sites or a single non-profit making site, with a single database, I would imagine the cost implications will almost always outweight the resiliance arguments. Just hosting SQL Server is expensive, without putting it on a separate box.
Edited by - jonreade on 06/23/2003 03:20:56 AM
Jon
June 23, 2003 at 4:31 am
I agree that security is getting tougher (wait, it was always tough!). I'm hoping that the tool vendors will fill in the gaps. Locking down the enviroment is fairly mechanical, it's just there are so many different places.
Andy
June 23, 2003 at 6:06 am
quote:
I think this is worth an article in its own right. When I did the MS courses for SQL6.5 it said that the logon under which SQL Server or SQL Agent runs should be an admin.Now that this is no longer the case I should like to know how tightly I can lock down the user accounts for my MSSQLSERVER and SQLSERVERAGENT services. Ideally I want them tighter than two coats of paint!
I cover the basics here, but I do need to update because it doesn't go into specifics and doesn't cover file/registry permissions.
K. Brian Kelley
http://www.truthsolutions.com/
Author: Start to Finish Guide to SQL Server Performance Monitoring
http://www.netimpress.com/shop/product.asp?ProductID=NI-SQL1
K. Brian Kelley
@kbriankelley
July 15, 2003 at 1:34 am
Good article. In my environment, security is constantly under review. IIS + SQL (same server) = BAD. Enjoyed seeing the other reasons.
June 4, 2004 at 5:39 am
Hi,, I like your article, great and many thanks, I like your writing style,
And then there was this.
.......OK I know that hackers are developers in much the same way that terrorists of which we approve are called freedom fighters!.......
Coming from South Africa and having grown up in an extremely oppressive regime I know that it will take a lot more explaining about what freedom fighters are than you are attempting here.
Keep up the good work!
Antonio
June 16, 2009 at 12:02 pm
Hi David,
It seems I am a entry level developer, and not as experienced *** you to comment on your article. But would surely like to say this was the best article on the topic I am researching on IIS and sql on same box... I loved your article the way you explained all the issues...
I would like to get an advice from some one like you... I want to put a proposal to management for separating the iis and sql server...now after reading your article I am clear on that...but i would like to get a knowledge on how much hardware config is required for 2 separate boxes...
Let me give you some info on my websites running..i am using a Asp.net based CMS and we have many of our international websites like 15 websites running on the same server...which also has sql server in it....I just got to know that we have around 8000 hits everyday combining all the websites ( which are running on the same one server) Currently our config of the server is ...Intel Xeon E5430 @2.66Ghz..4 gb Ram..70 gb harddisk....We are running out of hard disk space and I have to download the backups daily and its very irritating.... I just joined this firm and feel with their growth they need the upgrade..On our website we have lots of images..
2 questions... 1-> do you feel current config is enough?
2->if we separate the box what should be the minimum config for both iis and sql server...
I would appreciate your help...
Thanks,
Sid
June 16, 2009 at 12:34 pm
Moving to SQL 2005 - strategies. Please don't post in author's forums.
June 16, 2009 at 12:51 pm
Ok, moved back. Doh! Didn't realize this was a continuation of another thread.
One note, if you are not asking a question on the article, you want to start your own thread. This isn't consulting, and it's a little inappropriate to ask a specific person for advice on your own issue.
As far as the config, it's hard to know what to recommend. The same size boxes for SQL will obviously give you more resources. you ought to be able to calculate disk space needs (mdf/ldf + 2 days backups at least and pad), for memory, get at least as much, it's cheap now.
CPU, go with something modern. You'd have to examine your system and determine how CPU bound it is now. If it's not, then you should be fine with the current CPU
Viewing 8 posts - 16 through 22 (of 22 total)
You must be logged in to reply to this topic. Login to reply