Editorials

SQL Server 2005 Management Tools

by Ben Taylor

Webcast Tomorrow – Register Now
SQL Server 2005 Tuning Tools and Approaches
We’ll look into the tools and techniques you have available to you in SQL Server 2005 for investigating performance issues, understanding what your server is doing and how you can use this information to tune your system. From Performance Monitor to watching queries that are executing we’ll show you some of the tools at your disposal for diagnosing server issues of performance and possible tuning targets.

> Register Now
> Live date: 6/11/2008 at 12:00pm Noon Pacific

Tired of Building and Rebuilding Reports?
Have you ever beat your head against the wall trying to get yet another report built for users – or, if you’re using a report, trying to get just a little more information out of that report? Use the right tools to build the reports in the first place and you can empower your users to run their own what-if scenarios, drill down into data and a whole lot more. Check out Business Objects – they have some really solid tools you can use to provide a much more compelling reporting toolset for your applications. Get more info here.

Granular Security: Clearly an Issue
Yesterday I asked how Everyone was addressing security associated with controlling access to the SQL Server data stores.

The answers were pretty much unanimous – "it’s not easy, we don’t have good solutions and we’d love to hear how others are doing it!"

This seems to be pretty much the case – though there are some applications coming out now that will hopefully help with this, it seems that when it comes to protecting data, the application is the first, and last, line of defense today, at least at a very, very granular level. In other words, the access to the database is fairly generalized so the applications and reports can get the information they, need. The application, then, is expected to control access to that pipe and provide logged-in users with only information they should have access to.

This brings a number of issues to the forefront of course. You’re playing with fire a bit because you’ve just decentralized your security and access controls. You’re also relying on those applications to have robust controls and not, in and of themselves, be introducing issues and access issues. Beyond that, it forces you to have a database that’s probably a bit (!) more open to access than it should be in a perfect world.

Not, of course, that I know at this point how you’d apply these types of use-based restrictions with today’s tools, I’m just saying that I think it’s a hole. I heard from a couple of vendors with solutions that are being offered and I’d like to take some more time to learn as well.

In the meantime, if you’ve used a solution, built a solution or know of a way to accomplish much stronger access controls, please do let me know. Email me here and let me know how you’re approaching this.

Featured White Paper(s)
BitLocker: Is It Really Secure?
What is BitLocker? How does it work? Is it a truly safe way to protect your data and applications, hard drive, and operation … (read more)

Are AJAX Applications Vulnerable to Hack Attacks?
This paper reviews AJAX technologies with specific reference to JavaScript and briefly documents the kinds of vulnerability c… (read more)

Tags:
Author: Ben TaylorBen is a Relational Database veteran starting in the early eighties on DEC Vax database systems such as Bloom and Harvest. He has specialized in SQL engines for more than two decades, with a primary focus on Microsoft SQL Server. Ben has worked with small and large databases for both OLAP and OLTP working on systems for many industries such as Medical (Medical Claims and Eligibility Warehouse, HMO Provider Management, Enrollment), Financial (credit card processing, mortgage, stock portfolio management), Manufacturing (Assembly Line and Product Assemblies), Sales, Auto Auctions and more.