It was interesting to learn, during a recent speaking engagement, that Oracle DBAs think that SQL Server 2005 and SQL Server 2005 Express aren't stable or secure. Here are my thoughts about why I don't agree.
SQL Server Express Security and Stability
by Michael Otey, [email protected]
I recently presented research information at one of SQL Server Magazine's Managing Your Cross Platform Data roadshows and got the chance to hear from several Oracle DBAs about their perceptions of SQL Server 2005 and SQL Server 2005 Express. I know that Oracle DBAs view Oracle as a superior product so I wasn't surprised that these DBAs had a low opinion of SQL Server. After all, if you pay as much for a product as their companies did it's only natural that you'd rally behind that product. However, what did surprise me was the common set of reasons behind their opinions stability and security. Their perception is that SQL Server and SQL Server Express aren't stable databases and thus, not ready for enterprise work primarily because they run on the Windows OS. They also said they believe that SQL Server 2005 and SQL Server 2005 Express aren't secure because these products have been hit with viruses such as the now infamous SQL Slammer worm that hit SQL Server and Microsoft SQL Server Desktop Engine MSDE databases in early 2003. In my opinion these thoughts are misconceptions based on ancient history and aren't relevant to the current SQL Server 2005 and SQL Server Express products.
Older versions of Windows 9x were plagued by stability problems but that isn't the case with Windows XP and Windows Server 2003 OSs. Historically, desktop systems have had more problems than servers because of the varied software they run the multiple device drivers they must support and user error. But like everything else, even desktop systems have improved over the years. And the same problems affect other desktop databases such as Oracle Express DB2 Express and even MySQL just as much as they affect SQL Server Express.
Clearly, SQL Slammer significantly harmed the reputation of SQL Server products so much so that it might take Microsoft a decade to live it down. Never mind that Microsoft had a patch available for SQL Slammer months before the exploit or that organizations that had correctly configured their firewalls and shut down all the unnecessary access to port 1433 weren't affected by SQL Slammer. Perhaps one of the unexpected outcomes of the exploit was to point out how widespread the adoption of MSDE had become because it was primarily those unknown and unpatched MSDE installations that facilitated the rapid spread of the exploit.
Today, SQL Server Express takes a totally different approach to security than MSDE did. First, because of Microsoft's Security Initiative, the SQL Server Express code has been through a more thorough review than SQL Server 2000 and MSDE and fixes for the older security exploits have been incorporated into SQL Server Express. Second, the original versions of MSDE shipped with all network access enabled after installation SQL Server 2005 Express takes the opposite tack and by default all network access is completely shut down which completely eliminates the possibility of anything like the SQL Slammer exploit. If you want network access to a SQL Server Express database you need to enable it by using the SQL Server Surface Area Configuration Tool. Nowadays stability and security are a given with SQL Server 2005 and SQL Server Express.
Although security was certainly a topic that came up in my roadshow sessions, the real focus of the ongoing SQL Server Oracle road shows is database integration. If you re interested in Windows and Linux integration or you want to learn more about virtualization you should check out the upcoming TechX World road shows at techxworld.com. I'll be one of the guest speakers and I'll be talking about virtualization technologies.
SQL Server Guide to Clustering Alternatives
Want the convenience of a server cluster without the expense? Learn about server cluster alternatives that provide high availability preventative maintenance and failover capabilities at pricing that fits your budget.
Database Restore Problem
I've received several questions about backing up and restoring databases. Here's a reader's question that tackles a common restore problem.
Q: I recently migrated several Access databases to SQL Server 2005 Express by using the SQL Server Migration Assistant SSMA. Next, I backed up several databases and copied these backup files to another computer running SQL Server Express. To restore the files, I entered the following command in SQL Server Management Studio Express SSMSE:
RESTORE DATABASE MyDatabase FROM DISK c Program Files Microsoft SQL Server MSSQL 1 MSSQL Backup MyDatabase bak
But I received the following error message:
Msg 3102 Level 16 State 1 Line 1
RESTORE cannot process database MyDatabase because it is in use by this session. It is recommended that the master database be used when performing this operation.
Does this message mean that I have to restore the master database before I restore the MyDatabase backup?
A: No, you don't have to restore the master database before you restore a user database. This message is telling you that your user database connection is using the MyDatabase database. SQL Server Express can't complete the restore operation because the user database has an active connection with your current session. You'll need to change your database connection to a different database before you attempt to perform the restore. You can use the T SQL USE command as I show in the following code to change your current database connection to the master database before you perform the restore:
USE master br RESTORE DATABASE MyDatabase FROM DISK c Program Files Microsoft SQL Server MSSQL 1 MSSQL Backup MyDatabase bak
Hope this helps and thank you for sending your question.
Michael Otey, [email protected]
HOT SPOT
Polyserve IT Consolidation: Maximizing the Potential of Your Windows Environment
Optimize your existing Windows Server infrastructure with the addition of server and storage consolidation software and techniques and get tips and guidelines to evaluate your current infrastructure and determine what segments of your environment are suitable for consolidation.
Check It Out - Teratrax's Database Manager 4.6 Tool
by Michael Otey
One of SQL Server 2005 Express's limitations is that it doesn't have the built in SQL Server Integration Services SSIS functions that the other SQL Server products have. This lack makes importing and exporting data to a SQL Server database more challenging and not everybody wants to write code to import and export data. If you're one of these people and you're using SQL Server Express, check out Teratrax s Database Manager 4.6 tool. Database Manager provides a graphical management console for SQL Server Express and Microsoft SQL Server Desktop Engine MSDE and lets you import and export Excel XLS comma separated value CSV and XML files.
Uncover Essential Windows Knowledge Through Excavator
Try out the ultimate vertical search tool Windows Excavator Windows. Excavator gives you fast thorough third party information while filtering out unwanted content Visit winexcavator.com today.
Solutions for Oracle and SQL Server Environments
Join experts Douglas McDowell from Solid Quality Learning and Andrew Sisson from Scalability Experts as well as Intel insiders and other database professionals to learn the latest about SQL Server and Oracle database mirroring BI 64 bit database computing and high availability. Coming to cities across the US in the fall.
Your business, like most today, relies upon its computing systems to store financial information, house proprietary data, and maintain communications channels. This increasing reliance also increases the dangers to your systems from security breaches including viruses spyware spam and hackers. Visit the Windows Protection Site for the latest tips on safeguarding your system.
Understanding and Leveraging Code Signing Technologies
Learn all you need to know about code signing technology including the goals and benefits of code signing, how code signing works, and the underlying cryptographic and security concepts and building blocks.
Filtering the Spectrum of Internet Threats
Examine the threats of allowing unwanted or offensive content into your network and learn about technologies and methodologies for defending against inappropriate content spyware IM and P2P.
==========================
WANTED: Your reviews of products you've tested and used in production
Send your experiences and ratings of products to [email protected] and get a Best Buy gift certificate.
5 Monitor SQL Server Instances
by Blake Eno
Teratrax Performance Monitor 3 0 monitors multiple SQL Server instances both real time and historical to capture and tune poor performing SQL code across users and applications. Within Performance Monitor's UI, you can view all performance counters and analyze chart report and export them. Performance Monitor captures activity on local and remote servers including servers memory and I/O percentages. You can also detect slow or failed SQL Agent jobs and detect new SQL Server error log entries. For more information, contact Teratrax 800-370-5886 or [email protected].
Exclusive Email Offers
Monthly Online Pass only $45.95 per month. Includes instant online access to every article ever written in SQL Server Magazine plus the latest digital issue. Sign up now. Save 40% off Windows IT Pro . Subscribe to Windows IT Pro today and SAVE up to 40%. Along with your 12 issues you'll get FREE access to the entire Windows IT Pro online article archive which houses more than 9,000 helpful IT articles.
