我们有一个ASP.NET Web应用程序,其中SQL Server 2008 R2作为后端。
我们的客户希望托管在其服务器上的应用程序具有完全的管理访问权限。
我有两个问题:
1 - 有没有什么好方法可以限制他们访问后端数据库。
2 - 是否有任何工具(最好免费或便宜)监控是否有人从应用程序外部登录数据库?
非常感谢。
问候
We have a ASP.NET web application with SQL Server 2008 R2 as the backend.
Our client wants the application hosted on their servers to which they will have full administrative access.
I have 2 questions:
1 - Is there any good way of restricting their access to the back-end database.
2 - Are there any tools (free or cheap preferably) to monitor if anyone has logged into the database from outside the application ?
Many Thanks.
Regards
最满意答案
回答你的第一个问题:如果他们拥有对服务器的完全管理员访问权限,他们将能够对其上的数据库做任何他们想做的事情。 但是,如果您可以信任它们不要篡改它,您仍然可以向服务器添加审核。 我建议将其作为您提供支持的条件,不要直接对数据库进行更改。
回答你的第二个问题:
SQL Server审核 - 可用于实例和数据库级审核。
有关更多信息,这是一个非常好的指南,其中包含如何设置它的示例: http : //bradmcgehee.com/2010/03/30/an-introduction-to-sql-server-2008-audit/
这也提供了有关其工作原理和示例的更多信息: http : //msdn.microsoft.com/en-us/library/dd392015%28v=sql.100%29.aspx
In answer to your first question: If they have full admin access to the server, they're going to be able to do whatever they want with the databases on it. However you can still add auditing to the server, if you can trust them not to tamper with that. I'd suggest making it a condition of the support you provide them, to not make changes to the database directly.
In answer to your second question:
SQL Server Auditing - can be used for instance and database level auditing.
For more information, this is a pretty good guide with examples of how to set it up: http://bradmcgehee.com/2010/03/30/an-introduction-to-sql-server-2008-audit/
This also gives even more information on how it works and examples: http://msdn.microsoft.com/en-us/library/dd392015%28v=sql.100%29.aspx
更多推荐
发布评论