Encryption between the monitoring service and Web Server

The communication between the monitoring service and the Web Server is encrypted with a self-signed certificate.

Credentials for host machines and SQL Server instances

SQL Monitor stores monitoring data, alert information and configuration settings in the SQL Monitor database (see: Configure the Base Monitor Service and SQL Monitor database).

When you add servers to monitor, the login and password you provide for each host Windows machine and SQL Server instance are stored in settings tables in the SQL Monitor database. Passwords are obfuscated before being stored, but they are not encrypted, so make sure you limit access to the database.

Protecting the configuration file

The configuration file might contain password information in plain text if you specify SQL Server authentication as part of the connection string. Make sure unauthorized users can't view the file's contents; for example, you could deny access to the folder.

The monitoring service account needs access to the configuration file.

Log files

The SQL Monitor log files contain information about your estate. This information includes items such as the names of monitored servers, the names of databases, the names of accounts used to access servers and the names of users attempting to log into SQL Monitor. The log files are stored locally on your estate and are not automatically shared with Redgate. However, they are an important tool for troubleshooting and will commonly be requested by Redgate's support team, in which case they will be handled in line with our Privacy policy.