Re: Anti-Virus on SQL Server? - Merits and Arguments?

From: Steve Thompson (SteveThompson_at_nomail.please)
Date: 01/22/04 

Date: Thu, 22 Jan 2004 12:59:59 -0500

> "Aaron Vance" <thisisnttheemailyourlookingfor@nospam.com> wrote in message
> news:u$mL3kF4DHA.3576@TK2MSFTNGP11.phx.gbl...
> > Do any of you run any anti-virus software on your SQL Servers -- for
> > dedicated SQL Server boxes?

 We run anti-virus software on ALL of our servers regardless of role.

> > We have some varying views within our organization on what approach to
> take
> > to protecting the SQL Server.
> >
> > We do not have any file shares, or IIS or any unneeded services running
on
> > our dedicated SQL Server's -- thus I guess I do not see the merit of
using
> > anti-virus software on the SQL Server itself when the attach vectors are
> > fairly minimized.
> >
> > Our SQL Servers are all internal, no DMZ, no external. The only major
> > vulnerability would be internal threats (which are minimized by other
> > internal controls, i.e. AV at the desktop, etc.).
> >
> > Is patch management, properly configured SQL Server security, and a good
> > understanding of what services are open on the particular box enough to
> > protect against 90-95% of the vulnerabilities that may exist?
>
 Let's say you protect against 95% of all virus vulnerabilities, that still
 leaves a 5% exposure. I understand the points you are making, however if
one
 of my servers were compromised, and I had to make an explanation to
 management -- I would not be comfortable in saying that I took most steps
in
 protecting these servers but not all.

 Steve