IN THIS CHAPTER
On January 24, 2003, a worm named Sapphire or W32.Slammer attacked the computers running SQL Server 2000 and MSDE 2000, propagating via UDP Port 1434 and causing a dramatic increase in network traffic. This incident reinforced the importance of the ongoing Trustworthy Computing initiative. In the past two years, Microsoft has invested significant time and resources in enhancing the security in each of its products, including SQL Server 2005. SQL Server 2005 redefines the server's security framework by introducing several new features and enhancements that offer developers and administrators greater control over access to sensitive data while simplifying their routine tasks. A lot of work has been done to address weaknesses in previous releases, to simplify security management and administration, to strengthen SQL Authentication, to provide granular permissions, to secure system metadata, to improve auditing capabilities, and to secure various subsystems. This chapter discusses these security enhancements to assure you that SQL Server 2005 is secure by design, secure by default, and secure in deployment. |