Autoupdate SQL Server

Randy Holloway replied to my post on autoupdating the SQL Server box:

Paschal, why couldn't you manage this with a server with a DMZ server with a hole opened up to the inside with IPSec to keep it secure? I agree that the box can't be hit directly, but surely there is a reasonable way to accomplish this objective.

For God's sake, why do such a thing? For years and years, Microsoft (and other serious software houses like Oracle) have told every DBA that the right architecture for a database server is to hide the box from the outside world, limiting connections to a single trusted live server.

So why should I change this model, which works perfectly well, for a few updates from the big company?

I am probably stubborn, but I also tried to make the same reply to Robert McLaws, and I don't see any advantage in making the box visible.

Why do we want to make things so complicated?

Randy, explain your point of view to any DBA who is responsible for personal details, like credit card numbers or addresses, and he will certainly answer: No Way!

As you suggest in your comment, a hole is a breach of security, whether you set up IPSec or not.

The solution Robert proposed is cool, no doubt about this, but it's only good in an ideal world, with no hackers and no hungry marketing people, starved to death and eager to steal our precious data ;-)


3 Comments

  • I don't think the box is going to have to be visible. I bet they'll release a service or something that will download the updates to a server that is visible, and the SQL Server will connect to that local server securely.

    Of course, I could be very wrong.

  • I think that we can find one point of agreement. Finding a way to have the patches automatically downloaded or at least to notify the admin that they exist is a reasonable starting point, even if they aren't installed. Right now the SQL Server product can't even do that, and because it doesn't many less experienced administrators (or environments without a qualified administrator) go unpatched. Microsoft needs to take measures to try to fix that problem, and that's what they're trying to do.

  • Look, you have a web server that's visible, right? It has to have 2-way connections, so it has to be able to have outbound communication. So put SUS on that box, and open up the port it runs on. At that point, you have a minimal attack surface. So what exactly are you worried about?

    It brings up another point that goes along with human nature. You can't just close yourself off to the world because you might get hurt. That's no way to live. If you follow the directions and do it properly, you can have the best of both worlds.

    Somewhere, one of your boxes talks to the rest of the world. What is the harm in putting an update agent on that box? If you don't trust it, then try it in VMware. If you don't like it, no harm, no foul.
