July 1, 2009 at 1:55 am
Hi All,
I am in the lookout for a guide which will help in Hardening SQL server for Security Compliance. Does any one have a list or compilation of what and how to go about hardening the SQL Server 2008.
Also, it would be great if I can find how to verify if the SQL server is compliant.
Thanks
Ravinder
July 1, 2009 at 12:05 pm
You might take a look at the NSA. They have guides for lots of software, they have one for SQL Server 2005, but not yet for 2008. I would imagine that a lot of the information for hardening 2005 would work for 2008.
The URL is: http://www.nsa.gov/ia/guidance/security_configuration_guides/database_servers.shtml
If you haven't hardened a server before, BE VERY CAREFUL. It's easy to lock yourself out of it entirely! Needless to say, it's best to work on a non-production system first that you can re-image if you have to.
-----
[font="Arial"]Knowledge is of two kinds. We know a subject ourselves or we know where we can find information upon it. --Samuel Johnson[/font]
July 1, 2009 at 9:06 pm
Thanks , I am just being initiated into the SQL server environment so I will need to be extra careful what I need to do here.
July 2, 2009 at 8:41 am
Good luck, Ravinder. I don't know how large your shop is, but if you have a separate team for server administration, also talk to them and make sure that your database servers are secure at the operating system level.
And there's several articles on this site talking about basic skills that you should learn for someone new to SQL Server, you might find them useful.
-----
[font="Arial"]Knowledge is of two kinds. We know a subject ourselves or we know where we can find information upon it. --Samuel Johnson[/font]
Viewing 4 posts - 1 through 3 (of 3 total)
You must be logged in to reply to this topic. Login to reply