TechNet: Security Best Practices Checklist


  • Put a firewall between your server and the Internet.
  • Always block TCP port 1433 and UDP port 1434 on your perimeter firewall. If named instances are listening on additional ports, block those too.
  • In a multi-tier environment, use multiple firewalls to create screened subnets.

Isolation of services

  • Isolate services to reduce the risk that a compromised service could be used to compromise others.
  • Never install SQL Server on a domain controller.
  • Run separate SQL Server services under separate Windows accounts.
  • In a multi-tier environment, run Web logic and business logic on separate computers.
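
A host-side audit for the firewall and isolation items above, added here as an example and not part of the TechNet checklist. It assumes Windows PowerShell 3.0 or later with the NetTCPIP module (Windows 8 / Server 2012 and later); the function names and the service-name filter are illustrative assumptions.

```powershell
# Added example, not TechNet code. The service-name filter is an assumption
# covering common SQL Server service names; extend it for your installation.

function Test-IsDomainController {
    # Win32_ComputerSystem.DomainRole: 4 = backup DC, 5 = primary DC
    $role = (Get-CimInstance -ClassName Win32_ComputerSystem).DomainRole
    return ($role -in 4, 5)
}

function Get-SqlService {
    $filter = "Name LIKE 'MSSQL%' OR Name LIKE 'SQLAgent%' OR " +
              "Name = 'SQLSERVERAGENT' OR Name = 'SQLBrowser'"
    Get-CimInstance -ClassName Win32_Service -Filter $filter |
        Select-Object Name, StartName, State
}

function Find-SharedServiceAccount {
    param([object[]] $Service)
    # Any logon account that runs more than one SQL Server service is shared
    $Service | Group-Object -Property StartName |
        Where-Object { $_.Count -gt 1 } |
        ForEach-Object {
            [pscustomobject]@{ Account = $_.Name; Services = $_.Group.Name -join ', ' }
        }
}

function Get-SqlListenerPort {
    # TCP ports owned by sqlservr.exe: named instances show up here on ports other than 1433
    $sqlPids = @(Get-Process -Name sqlservr -ErrorAction SilentlyContinue | ForEach-Object Id)
    if ($sqlPids.Count -eq 0) { return }
    Get-NetTCPConnection -State Listen |
        Where-Object { $_.OwningProcess -in $sqlPids } |
        ForEach-Object LocalPort | Sort-Object -Unique
}

$services = @(Get-SqlService)
if ((Test-IsDomainController) -and $services.Count -gt 0) {
    Write-Warning 'SQL Server services are installed on a domain controller.'
}
foreach ($hit in (Find-SharedServiceAccount -Service $services)) {
    Write-Warning "Account '$($hit.Account)' runs several services: $($hit.Services)"
}
$ports = @(Get-SqlListenerPort)
"sqlservr.exe TCP listeners on this host: $($ports -join ', ')"
'Perimeter firewall should block TCP 1433, UDP 1434 and every port listed above.'
```

Run it on each SQL Server host and feed the listener ports into the perimeter firewall rule set; a warning about a shared account covers built-in accounts such as LocalSystem as well as domain accounts.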

