SQL Monitor 3

Managing security in SQL Monitor

Encryption between the Base Monitor service and Web Server

The communication between the Base Monitor service and the Web Server is encrypted using a self signed certificate.

Where does SQL Monitor store credentials for host machines and SQL Server instances?

When you install SQL Monitor, it creates a single Data Repository database in which all monitoring data, alert information and configuration settings are stored.

When you add servers to monitor, the login and password you provide for each host Windows machine and SQL Server instance are stored in settings tables inside the Data Repository.

Passwords are obfuscated before they are stored in the Data Repository.

Protecting the configuration file

The configuration file referenced above may contain password information in plain text if you specify SQL Server authentication as part of the connection string. You should ensure that unauthorized users are unable to view the contents of this file, for example, by denying then access to the folder.

The Base Monitor service account needs access to the configuration file.

Log files

There is no sensitive information logged in the log files created by the Base Monitor service or the Web Server.

 


Do you have any feedback on this documentation?

Let us know at sqlmonitorfeedback@red-gate.com


Didn't find what you were looking for?