1 / 7

SQL Server Assessment Results

Executive summary of the SQL Server assessment results. Includes areas of improvement and highest priority recommendations for upgrade, migration, deployment, security, compliance, operations, monitoring, performance, scalability, availability, and business continuity.

nkemp
Download Presentation

SQL Server Assessment Results

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. SQL Server Assessment Results Click here to view in Azure Log Analytics

  2. Executive Summary 1. What went well: 87% Passed • Upgrade, Migration and Deployment 2. What needs Improvement: • Security and Compliance 3. Highest Priority Recommendations: • Review the build number of the SQL Server instance.

  3. Security and Compliance • Highest Priority Recommendations • Configure and Enforce the Setting "Windows Firewall: Domain: Firewall state" via GPO Enable and Enforce the Setting "Turn off Autoplay" via GPO Configure and Enforce the Setting "Windows Firewall: Public: Firewall state" via GPO Mitigations missing for speculative execution side-channel vulnerabilities Avoid using domain administrator accounts to run the SQL Server service. Configure the Setting "Network security: LAN Manager authentication level" and Enforce via GPO Enable and Enforce "Microsoft network server: Digitally sign communications (if client agrees)" via GPO Avoid using the Local System account to run the SQL Server service. Review the SQL Server Instance configuration settings for ‘CLR enabled’ and configure the value to match the company security policy. Ensure only essential users are added to the SQL Server instance sysadmin server role. 68% Passed

  4. Operations and Monitoring • Highest Priority Recommendations • Create a schedule to run DBCC CHECKDB regularly. Review the auto grow increment setting for databases on the SQL Server instance. Configure Auditing for Account Logon: Credential Validation Configure Auditing for Detailed Tracking: Audit PNP Activity Configure Auditing for Account Management: User Account Management Configure Auditing for Detailed Tracking: Audit Process Creation Configure Auditing for Logon-Logoff: Audit Account Lockout Configure Auditing for Object Access: Audit Detailed File Share Configure Auditing for Logon-Logoff: Audit Group Membership Configure Auditing for Logon-Logoff: Audit Other Logon/Logoff Events 77% Passed

  5. Performance and Scalability • Highest Priority Recommendations • Increase the number of tempdb database files for optimal performance. Modify auto-growth settings to use a fixed size growth increment of less than 1 GB on data and log files of user databases and the TempDB system database. Consider updating statistics by using AUTO_UPDATE_STATISTICS and/or UPDATE STATISTICS (T-SQL) Investigate the SQL Error Log: 3409: Performance counter shared memory setup failed. Increase the initial size of the tempdb database. Update the user databases to match the collation of the master and model databases. Review the SQL Server instance configuration setting for Backup Compression Default and configure the value to match your company policy. Review the ‘system managed’ page file setting on the Microsoft Windows Server. Increase the amount of available physical memory investigate for excessive paging file usage or reduce the number of processes on the computer. Separate tempdb and user database files by placing them on different volumes. 90% Passed

  6. Upgrade, Migration and Deployment • Highest Priority Recommendations • Review the build number of the SQL Server instance. Install the latest service pack or hotfix for the SQL Server. Verify the compatibility of third party modules loaded into SQL Server address space in case of upgrade Review the Hyper-V Operating System Virtualization for SQL Server. One or more databases are using Enterprise edition features 88% Passed

  7. Availability and Business Continuity • Highest Priority Recommendations • Schedule a full database backup and ensure that it has a frequency of seven days or less. Change the recovery model to FULL or BULK_LOGGED. Review the SQL Server Instance configuration setting for recovery interval and change it to the default value. The current SQL Server error log is too large. Investigate SQL Error Log message 17806 – SSPI handshake failed while establishing a connection with integrated security. Move databases from the system disk to a Data Disk. Review the non-default Agent XPs option setting on Microsoft SQL Server. Place data files and transaction log files on separate physical drives for user databases. Review the SQL Server instance configuration settings for transform noise words and configure the value to match your company policy. 98% Passed

More Related