Installation guide

SQL Server
The following sections describe security and hardening guidelines that are unique to the system where
Microsoft SQL Server and your databases are installed. The database machine might be the same one as
the VCM Collector, or it might be a separate machine if you are running a split VCM installation.

Using VCM to Manage the SQL Server

After you install VCM, use it to manage the SQL Server system, subject it to assessment, and maintain its
integrity. Running the following VCM compliance template against SQL Server detects and identifies some
of the security setting and configuration issues that you must address.

VMware vCenter Configuration Manager Hardening - SQL Server 2008

NOTE If you have VCM installed and are preparing to set up another SQL Server, running the template
can help you preharden the candidate system.

The remaining SQL Server hardening steps in this chapter are in addition to those that you apply for all
server zone systems. See "Server Zone Security" on page 21.

Having a SQL Server Machine Group in VCM

To better manage SQL Server systems, place them into a separate, dedicated SQL Server machine group in
VCM, and make sure that the machine group is not authorized to any nonadministrator VCM user.
Without a machine group, you might mix VCM SQL Server management with non-VCM servers, which
can result in the misconfiguration of necessary security settings.

Managing the right group of SQL Server systems allows them to be assessed routinely by the VCM security
assessment compliance tests and monitored for configuration and change, all of which can be managed
and tracked through VCM.

Failure to follow this guideline means that the security posture of unmanaged VCM SQL Servers cannot
be assessed, tracked, or controlled with VCM. Later, if a SQL Server comes under VCM management,
there is also the risk that it might be incorrectly placed into a machine group that is managed by
nonadministrator VCM users.

Microsoft SQL Server Best Practices and Hardening Tests

Microsoft provides guidelines and an auditing tool that ensure the secure installation and operation of SQL
Server. The following tools are available from the Microsoft Web site.
VMware, Inc.