laddu (Constraint Violating Yak Guru, 332 Posts)
Posted - 2011-06-09 : 10:33:29

We have got the below security risk for our production server during the DB scan. Please let me know whether this fix will affect the application? Thank you.

Encryption of DBMS sensitive data in transit

Summary: Data served by the DBMS and transmitted across the network in clear text is vulnerable to unauthorized capture and review.

Overview: Data served by the DBMS and transmitted across the network in clear text is vulnerable to unauthorized capture and review. This can be prevented by enforcing the encryption of communication using SQL Server settings.

When the ForceEncryption option for the Database Engine is set to Yes, all client/server communication is encrypted. In cases when clients cannot support encryption, they will be denied access.

When the ForceEncryption option for the Database Engine is set to No, encryption can be requested by the client application but is not required.

NOTE: Review the system security plan to determine if any encryption is needed for network transmission of DBMS data. If found that encryption is needed then DISA-STIG rates this as High Risk Level.

Fix / Recommendations: To configure encryption, use SQL Server Configuration Manager:

1) Expand SQL Server Network Configuration,
2) Right-click on Protocols for needed MSSQL Instance ("Protocols for <instance name>")
3) Select the Flags tab
4) Select Yes for ForceEncryption from the pull-down options.

SQL Server must be restarted after you change the ForceEncryption
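
An added example, not part of the original post: since the finding states that clients which cannot support encryption are denied access once ForceEncryption is Yes, one way to gauge application impact beforehand is to list which current connections are not encrypted and which hosts and programs own them. It uses the `sys.dm_exec_connections` and `sys.dm_exec_sessions` views and assumes the login running it has VIEW SERVER STATE permission.

```sql
-- Added example: snapshot of current user connections grouped by encryption state.
-- Rows with encrypt_option = 'FALSE' are the clients to test before
-- setting ForceEncryption = Yes on the instance.
SELECT
    c.encrypt_option,                 -- 'TRUE' when the connection is encrypted
    c.net_transport,                  -- TCP, Named pipe, Shared memory, ...
    s.host_name,                      -- client machine name as reported by the client
    s.program_name,                   -- application name from the connection string
    s.client_interface_name,          -- client driver / provider in use
    s.login_name,
    COUNT(*)            AS connection_count,
    MIN(c.connect_time) AS earliest_connect
FROM sys.dm_exec_connections AS c
JOIN sys.dm_exec_sessions    AS s
    ON s.session_id = c.session_id
WHERE s.is_user_process = 1
  AND c.parent_connection_id IS NULL  -- count physical connections only, not MARS child rows
GROUP BY
    c.encrypt_option,
    c.net_transport,
    s.host_name,
    s.program_name,
    s.client_interface_name,
    s.login_name
ORDER BY
    c.encrypt_option,                 -- unencrypted ('FALSE') rows sort first
    connection_count DESC;
```

The views only show connections open at the moment the query runs, so repeat it across a normal business cycle (batch jobs, reporting windows) to catch clients that connect intermittently.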