Managing security
Published 14 February 2023
See the Hardening a monitoring installation whitepaper in addition to the content on this page.
Protecting the encryption keys used to store monitoring credentials securely
More information about how to manage the encryption keys can be found in Managing the encryption keys file. It includes advice on protecting the encryption keys, which we strongly recommend you follow: anyone who obtains the keys file can recover the monitoring credentials it protects.
Protecting the configuration file
The configuration file may contain a password in plain text if the connection string uses SQL Server Authentication. In that case, make sure unauthorized users cannot read the file; for example, restrict the NTFS permissions on the folder that contains it so that only administrators and the monitoring service account have access.
The monitoring service account still needs access to the configuration file, so don't lock it out when tightening permissions.
We recommend Windows Authentication, ideally with a group Managed Service Account (gMSA), instead of SQL Server Authentication: no password is then stored in the file at all.
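The following PowerShell script is an added example, not Redgate's own code, showing one way to lock the folder down to SYSTEM, local Administrators and the service account, and then check whether the file still carries a plain-text password. The folder path, the service account name and the file pattern are assumptions; substitute those of your installation.

```powershell
# Added example, not Redgate's own code: lock down the folder that holds the
# SQL Monitor configuration file so that only SYSTEM, local Administrators and
# the monitoring service account can read it, then check whether a file there
# still carries a plain-text password. Path and account name are assumptions.
$ConfigFolder   = 'C:\ProgramData\Red Gate\SQL Monitor'   # assumption: your install may differ
$ServiceAccount = 'CONTOSO\svc-sqlmonitor$'                # assumption: gMSA names end with $

$acl = Get-Acl -Path $ConfigFolder

# Stop inheriting from the parent and drop the inherited entries, which is where
# broad grants such as BUILTIN\Users usually come from.
$acl.SetAccessRuleProtection($true, $false)

# Remove any explicit (non-inherited) entries so the folder ends up with exactly
# the rules added below.
foreach ($rule in @($acl.Access | Where-Object { -not $_.IsInherited })) {
    [void]$acl.RemoveAccessRule($rule)
}

$inherit   = [System.Security.AccessControl.InheritanceFlags]'ContainerInherit, ObjectInherit'
$propagate = [System.Security.AccessControl.PropagationFlags]::None
$grants = @(
    @{ Identity = 'NT AUTHORITY\SYSTEM';    Rights = 'FullControl' }
    @{ Identity = 'BUILTIN\Administrators'; Rights = 'FullControl' }
    # Read is assumed to be enough for the service; use 'Modify' if your
    # installation writes to the file.
    @{ Identity = $ServiceAccount;          Rights = 'ReadAndExecute' }
)
foreach ($g in $grants) {
    $ace = New-Object System.Security.AccessControl.FileSystemAccessRule(
        $g.Identity, $g.Rights, $inherit, $propagate, 'Allow')
    $acl.AddAccessRule($ace)
}
Set-Acl -Path $ConfigFolder -AclObject $acl

# Verify the resulting DACL: nothing but the three identities above should remain.
(Get-Acl -Path $ConfigFolder).Access |
    Format-Table IdentityReference, FileSystemRights, IsInherited -AutoSize

# Check for a password left in a connection string. Only the file and line are
# shown, not the matching text, so the password is not echoed to the console.
Select-String -Path (Join-Path $ConfigFolder '*.config') -Pattern '(password|pwd)\s*=' |
    Select-Object Path, LineNumber
```

Run it from an elevated PowerShell session. A hit from the final check means the connection string still uses SQL Server Authentication; the ACL limits who can read the password, but moving to Windows Authentication removes it from the file altogether.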
Encryption between the Base Monitor and the web server
The communication between the Base Monitor and the web server is encrypted with a self-signed certificate.
Encryption between the web server and the user
We recommend configuring HTTPS on the web server, so that login credentials and monitoring data are not sent in clear text between the browser and SQL Monitor. See here for how to set up SQL Monitor in IIS, and here for the default web server (Kestrel). When using IIS, application initialization should also be configured as described here.
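For the IIS case, the script below is an added example, not Redgate's own setup instructions: it binds a certificate already present in the machine store to the site over HTTPS, removes the plain-HTTP binding once HTTPS is in place, and switches on application initialization. The site name, application pool name and host name are assumptions.

```powershell
# Added example, not Redgate's own code: give the SQL Monitor site in IIS an HTTPS
# binding using a certificate already installed in the machine store, drop the
# plain-HTTP binding, and turn on application initialization. Site name, app pool
# name and host name are assumptions; WebAdministration ships with IIS.
Import-Module WebAdministration

$SiteName    = 'SQL Monitor'             # assumption
$AppPoolName = 'SQL Monitor'             # assumption
$HostName    = 'sqlmonitor.contoso.com'  # assumption: the DNS name users browse to

# Pick the longest-lived unexpired certificate issued for that host name.
$cert = Get-ChildItem -Path Cert:\LocalMachine\My |
    Where-Object { $_.Subject -like "CN=$HostName*" -and $_.NotAfter -gt (Get-Date) } |
    Sort-Object NotAfter -Descending | Select-Object -First 1
if (-not $cert) { throw "No valid certificate for $HostName in Cert:\LocalMachine\My" }

# Add an HTTPS binding (SslFlags 1 = SNI) if the site does not already have one,
# then attach the certificate to it.
if (-not (Get-WebBinding -Name $SiteName -Protocol https -Port 443 -HostHeader $HostName)) {
    New-WebBinding -Name $SiteName -Protocol https -Port 443 -HostHeader $HostName -SslFlags 1
}
$binding = Get-WebBinding -Name $SiteName -Protocol https -Port 443 -HostHeader $HostName
$binding.AddSslCertificate($cert.Thumbprint, 'my')

# Leaving the HTTP binding in place would let browsers keep sending credentials
# in clear text, so remove it once the HTTPS binding works.
Get-WebBinding -Name $SiteName -Protocol http | Remove-WebBinding

# Application initialization: with the feature installed, an always-running pool
# and preload enabled, IIS starts the site at boot rather than on the first request.
Enable-WindowsOptionalFeature -Online -FeatureName IIS-ApplicationInit -NoRestart | Out-Null
Set-ItemProperty -Path "IIS:\AppPools\$AppPoolName" -Name startMode -Value AlwaysRunning
Set-ItemProperty -Path "IIS:\Sites\$SiteName" -Name applicationDefaults.preloadEnabled -Value $true

# Verify: only an https binding should be listed, and the pool should be AlwaysRunning.
Get-WebBinding -Name $SiteName | Format-Table protocol, bindingInformation, sslFlags -AutoSize
(Get-Item "IIS:\AppPools\$AppPoolName").startMode
```

Test the HTTPS URL in a browser before running the line that removes the HTTP binding, otherwise a certificate problem locks everyone out of the site at the same time.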
Log files
The SQL Monitor log files contain information about your estate. This information includes items such as the names of monitored servers, the names of databases, the names of accounts used to access servers and the names of users attempting to log into SQL Monitor. The log files are stored locally on your estate and are not automatically shared with Redgate. However, they are an important tool for troubleshooting and will commonly be requested by Redgate's support team, in which case they will be handled in line with our Privacy policy.
Authentication
We recommend configuring OpenID Connect (OIDC) in SQL Monitor to manage user access. See Authenticating with OpenID Connect for more details.
Redacting query plan parameter values
By default, the values of query plan parameters are visible to users in the Administrator role and redacted for users in the Standard and Read-Only roles. Since version 13.0.30, they can be redacted for all users, administrators included, by setting the SQLMONITOR_AlwaysRedactQueryPlanParameters environment variable on the Website to true. Parameter values can carry whatever data was passed into a query, such as names or account numbers, which is why you may want to hide them even from administrators.
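The following PowerShell script is an added example, not Redgate's own code, showing how to set that variable for both hosting modes and to restart the Website so the running process picks it up. The Windows service name used for the Kestrel-hosted Website and the IIS application pool name are assumptions.

```powershell
# Added example, not Redgate's own code: set SQLMONITOR_AlwaysRedactQueryPlanParameters
# for the Website and restart it so the running process sees the new value.
# Service and application pool names are assumptions.
$Name  = 'SQLMONITOR_AlwaysRedactQueryPlanParameters'
$Value = 'true'

# Machine scope covers the Kestrel-hosted Website, which runs as a Windows service.
# A process reads the machine environment only at start-up, so a restart is required.
[Environment]::SetEnvironmentVariable($Name, $Value, [EnvironmentVariableTarget]::Machine)
$stored = [Environment]::GetEnvironmentVariable($Name, [EnvironmentVariableTarget]::Machine)
if ($stored -ne $Value) { throw "$Name was not persisted at machine scope (got '$stored')" }

$ServiceName = 'SQL Monitor Web Service'   # assumption
if (Get-Service -Name $ServiceName -ErrorAction SilentlyContinue) {
    Restart-Service -Name $ServiceName
}

# Under IIS, set it on the application pool instead: IIS 10 and later keep a
# per-pool environmentVariables collection in applicationHost.config, so the
# value is bound to the pool rather than to whatever started the worker process.
$AppPoolName = 'SQL Monitor'               # assumption
if (Get-Module -ListAvailable WebAdministration) {
    Import-Module WebAdministration
    if (Test-Path "IIS:\AppPools\$AppPoolName") {
        $appHost = 'MACHINE/WEBROOT/APPHOST'
        $filter  = "system.applicationHost/applicationPools/add[@name='$AppPoolName']/environmentVariables"
        $existing = Get-WebConfigurationProperty -PSPath $appHost -Filter "$filter/add[@name='$Name']" -Name value
        if ($null -eq $existing) {
            Add-WebConfigurationProperty -PSPath $appHost -Filter $filter -Name '.' -Value @{ name = $Name; value = $Value }
        } else {
            Set-WebConfigurationProperty -PSPath $appHost -Filter "$filter/add[@name='$Name']" -Name value -Value $Value
        }
        Restart-WebAppPool -Name $AppPoolName
    }
}
```

After the restart, open a query plan as a user in the Administrator role and confirm the parameter values are shown redacted; if they are not, the process did not see the variable, and on older Windows versions a reboot may be needed before services inherit a new machine-scope value.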