Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 333
  • Last Modified:

sql server BPA 05/08

I just came across the sql server best practices analyzer tool the other day.

My question is, what types of things does it identify.

What types of RISK does it identify, if any at all.

And basically what are the benefits of running it and  fixing the issues it finds, or what are the risks of ignoring the issues it flags up, i.e. worst case what could go wrong -- and likelehood of it going wrong if you dont fix it?
0
pma111
Asked:
pma111
  • 2
1 Solution
 
Daniel_PLDB Expert/ArchitectCommented:
It identifies your SQL and Windows settings in comparison with industry best practices.
http://www.mssqltips.com/tip.asp?tip=1972
http://www.databasejournal.com/features/mssql/article.php/10894_3493296_1/The-SQL-Server-Best-Practices-Analyzer.htm

There may be many risks of ignoring issues flagged by it, e.g. no database backup detected, old backups etc.

You can also find Microsoft Baseline Security Analyzer which helps to identify Windows administrative vulerabilities and/or IIS admionistrative vulnerabilities and/or weak passwords and/or SQL administrative vulnerabilities and/or check for security updates
http://technet.microsoft.com/en-us/security/cc184924
http://msdn.microsoft.com/en-us/library/ff647642.aspx
http://www.malwarehelp.org/using-microsoft-baseline-security.html
0
 
pma111Author Commented:
Thanks so all the tests it tests for - if ignored - technically can create a risk?

Is there anywhere without downloading the tool which lists every test it tests for and the issue/risk of not doing it in line with such best practice?
0
 
Daniel_PLDB Expert/ArchitectCommented:
Thanks so all the tests it tests for - if ignored - technically can create a risk?
Technically, yes.

Is there anywhere without downloading the tool which lists every test it tests for and the issue/risk of not doing it in line with such best practice?
I don't think so, but you can try to analyze your system and than with report find out info about suggestions you've got - what do they bring, what do they solve etc.
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now