SQL Server Magazine UPDATE—brought to you by SQL Server Magazine
http://www.sqlmag.com


THIS ISSUE SPONSORED BY

STORACTIVE LIVEBACKUP
http://lists.sqlmag.com/cgi-bin3/flo?y=eL5l0DjZYg0BRZ018q0Aa

RAISING WINDOWS 2000 AVAILABILITY - FREE WEBINAR
http://lists.sqlmag.com/cgi-bin3/flo?y=eL5l0DjZYg0BRZ012G0Am
(below COMMENTARY)

Maximum Server Performance-DISKEEPER(R) 7.0
http://lists.sqlmag.com/cgi-bin3/flo?y=eL5l0DjZYg0BRZ018r0Ab
(below SQL SERVER NEWS AND VIEWS)


SPONSOR: STORACTIVE LIVEBACKUP

AUTOMATE PC/LAPTOP BACKUP - CUT COSTS, EASE RECOVERY & GET A FREE CLOCK!
Storactive LiveBackup automatically and transparently backs up distributed PC data upon ordinary user/system saves with REAL-TIME mirroring/versioning. It even backs up Outlook/.PSTs and protects laptops while roaming. LiveBackup leverages .NET architecture, SQL 2000, and data compression technologies for minimal network impact and maximum ease of administration. Reverses data loss from user errors, viruses, disasters and damaged laptops with end-user file recovery, fast system rollbacks, and disaster recovery imaging. Click for Flash demo on how LiveBackup saves time and money and get a FREE CLOCK!
http://lists.sqlmag.com/cgi-bin3/flo?y=eL5l0DjZYg0BRZ018q0Aa


May 23, 2002—In this issue:

1. COMMENTARY

  • Microsoft Plans SQL Server Security Guide

2. SQL SERVER NEWS AND VIEWS

  • New Brian Moran Webinar: Identifying Performance Problems
  • Results of Previous Instant Poll: How You Troubleshoot
  • New Instant Poll: SQL Server Security

3. ANNOUNCEMENTS

  • Immediate Access to T-SQL Solutions!

4. HOT RELEASE (ADVERTISEMENT)

  • SEND, RECEIVE, MANAGE FAXES from EMAIL (Trialware CD)

5. RESOURCES

  • What's New in SQL Server Magazine: SQL Server in the Fast Lane
  • Hot Thread: Automatic Rebooting
  • Tip: Backing Up Transaction-Log Records

6. NEW AND IMPROVED

  • Audit Database Activity
  • Monitor System Performance and Status

7. CONTACT US

  • See this section for a list of ways to contact us.

1. COMMENTARY

  • MICROSOFT PLANS SQL SERVER SECURITY GUIDE

  • (contributed by Brian Moran, news editor, brian@sqlmag.com)

    Security has always been an important aspect of database management. But according to James Hamilton, one of three architects on the Microsoft SQL Server development team, some of the ground rules for how a DBA needs to think about security have changed. I recently gleaned some interesting perspectives about security during a conversation with Hamilton, who has responsibility and vision for "thinking about security" as it relates to SQL Server.

    Hamilton says that in the not-so-distant past, companies locked most databases behind closed doors and allowed little access from outside the corporate walls. Security practices addressed preventing internal threats from rogue users or accidental misuse. But most companies now have mission-critical databases that face customers and an interface exposed on the public Internet or partner intranet. This approach creates new sets of security vulnerabilities that DBAs need to consider. Hamilton tells me that Microsoft is taking steps to help customers plan for and protect against some of these new threats.

    Regular SQL Server Magazine UPDATE readers know that I've often preach about information overload—the phenomenon of drowning in a sea of information. My thesis is that Microsoft does a great job of releasing information about its products. But weaving together a set of best practices is difficult because the information Microsoft provides can be disjointed and spread across narrowly focused white papers or Knowledge Base articles. Acquiring comprehensive security expertise is especially difficult because a strong security plan often requires skills and information from multiple product disciplines.

    Hamilton says Microsoft recognizes this problem and is busy preparing a new and improved best-practices guide that specifically addresses managing security vulnerabilities in a SQL Server environment. This resource will be ready for public consumption this summer, but Microsoft plans to give SQL Server Magazine UPDATE readers a peek at some of the content before then. I'll share a few of the most interesting tips and tricks in an upcoming commentary. Until then, check out the following list of SQL Server security resources. (My thanks to the people at Microsoft who compiled the list!) Tell me about other resources that should be on the list. I'll add them and periodically publish an updated list.

    SQL Server 2000 Security
    http://www.microsoft.com/sql/techinfo/administration/2000/security.asp

    SQL Server Security
    http://www.microsoft.com/technet/prodtechnol/sql/maintain/security/default.asp

    SQL Server 2000 Operations Guide, Chapter 3—Security Administration
    http://www.microsoft.com/technet/prodtechnol/sql/maintain/operate/opsguide/sqlops3.asp

    SQL Server 2000 C2 Administrator's and User's Security Guide
    http://www.microsoft.com/technet/prodtechnol/sql/maintain/security/sqlc2.asp

    SQL Server 2000 Security White Paper
    http://www.microsoft.com/technet/prodtechnol/sql/maintain/security/sql2ksec.asp

    SQL Server 2000 Resource Kit, Chapter 10—Implementing Security
    http://www.microsoft.com/technet/prodtechnol/sql/reskit/sql2000/part3/c1061.asp

    Microsoft SQL Server 2000 Security
    http://www.microsoft.com/technet/prodtechnol/sql/deploy/confeat/05ppcsqa.asp

    SQL Server 2000 Administrator's Pocket Consultant by William R. Stanek,
    Excerpt from Chapter 5
    http://www1.fatbrain.com/asp/bookinfo/bookinfo.asp?theisbn=0735611297&p=technet&s=29736

    SQL Server 7.0 Administrator's Companion, Chapter 7—Managing Security
    http://www.microsoft.com/technet/prodtechnol/sql/proddocs/admincmp/75517c07.asp

    SQL Server 7.0 Resource Guide, Chapter 16—Product Security
    http://www.microsoft.com/technet/prodtechnol/sql/reskit/sql7res/part10/sqc15.asp

    SQL Server 7.0 Security White Paper
    http://www.microsoft.com/technet/prodtechnol/sql/maintain/security/secure.asp

    INF: List of Bugs Fixed by SQL Server 7.0 Service Packs
    http://support.microsoft.com/view/tn.asp?kb=313980

  • RAISING WINDOWS 2000 AVAILABILITY - FREE WEBINAR

  • How can you reduce (or eliminate) data loss and downtime in the event of a site-wide disaster? Attend the latest free Webinar fromWindows & .NET Magazine and get the answers including what kind of fault-tolerant disk setup to use, what clustering is (and isn't!) good at, and best practices for boosting SQL and Exchange availability.Register (for FREE) today!
    http://www.winnetmag.com/seminars/veritas

    2. SQL SERVER NEWS AND VIEWS

  • NEW BRIAN MORAN WEBINAR: IDENTIFYING PERFORMANCE PROBLEMS

  • "Tuning an expensive server platform without addressing front-end tuning issues is like racing a Ferrari with flat tires—don't let it happen to you," warns SQL Server consultant and author Brian Moran. In his upcoming Webinar, "Solving Performance Problems Using A Repeatable, Structured Methodology," scheduled for June 18, Moran explains a unique approach to identifying the source of application bottlenecks so that you can solve the problems.

    "It's easy to focus on the back end when tuning a SQL Server application, but most serious tuning problems can't be easily separated from the application and middleware layers," Moran notes. "The first step in solving any problem is identifying and understanding the problem."

    The Webinar, designed for SQL Server developers and DBAs who need to optimize existing SQL Server applications, covers how to use SQL Server Profiler to help find problem areas. The Webinar, sponsored by SQL Server Magazine, starts at 1:00 P.M. Eastern Daylight Time (EDT), costs $29.95, and includes a 1-year subscription to SQL Server Magazine. To register, go to
    http://www.sqlmag.com/sub.cfm?code=bmae2esw

  • RESULTS OF PREVIOUS INSTANT POLL: HOW YOU TROUBLESHOOT

  • The voting has closed in SQL Server Magazine's nonscientific Instant Poll for the question, "What's the first resource you turn to for troubleshooting SQL Server problems?" Here are the results (+/- 1 percent) from the 362 votes:
    • 12% SQL Server discussion forums
    • 80% Microsoft online resources (TechNet, Knowledge Base, or Books Online—"BOL")
    • 4% Other SQL Server professionals you know
    • 1% Microsoft phone-based support
    • 3% Other

  • NEW INSTANT POLL: SQL SERVER SECURITY

  • The next Instant Poll question is, "Do you spend more or less time managing SQL Server security protocols than you did two years ago?" Go to the SQL Server Magazine Web site and submit your vote for 1) Significantly more time, 2) Somewhat more time, 3) About the same amount of time, 4) Less time, or 5) Don't know or doesn't apply.
    http://www.sqlmag.com

    SPONSOR: MAXIMUM SERVER PERFORMANCE—DISKEEPER(R) 7.0

    You must handle disk fragmentation on every server or performancewill corrupt. Diskeeper is the automatic solution — it can extend the life of computer systems up to two years and cut help desk calls in half. The built-in defragmenter is slow, hogs system resources and requires full administrator privileges. Only Diskeeper provides full "Set It and Forget It"(R) functionality, fast operation and uses minimum system resources. Maintain peak performance levels, zero administration with Diskeeper 7.0.
    http://lists.sqlmag.com/cgi-bin3/flo?y=eL5l0DjZYg0BRZ018r0Ab


    3. ANNOUNCEMENT


    (brought to you by SQL Server Magazine and its partners)

  • IMMEDIATE ACCESS TO T-SQL SOLUTIONS!

  • Exclusive, in-depth articles, tips, tricks, and code samples all at your fingertips. Content you can't get anywhere else—brought to you bythe SQL Server experts you trust such as Kalen Delaney, Itzik Ben-Gan, and others. Increase your productivity today! Go to the following URL.
    http://lists.sqlmag.com/cgi-bin3/flo?y=eL5l0DjZYg0BRZ0Kqz0A7

    4. HOT RELEASE (ADVERTISEMENT)

  • SEND, RECEIVE, MANAGE FAXES from EMAIL (Trialware CD)

  • Give users the ability to send and receive fax documents from their e-mail system or our browser-based client! Register for our 30-day evaluation CD-ROM at:
    http://lists.sqlmag.com/cgi-bin3/flo?y=eL5l0DjZYg0BRZ01p80AZ
    or call 800-329-2225, email info@faxback.com

    5. RESOURCES

  • WHAT'S NEW IN SQL SERVER MAGAZINE: SQL SERVER IN THE FAST LANE

  • SQL Server has steadily gained market share since the release of SQL Server 7.0 in 1998. SQL Server Magazine Senior Technical Editor Michael Otey lists seven facts that illustrate the database product's growth in his SQL Seven column "SQL Server in the Fast Lane," which appears in the June 2002 issue of SQL Server Magazine and is available online at the following URL:
    http://www.sqlmag.com/articles/index.cfm?articleid=24674

  • HOT THREAD: AUTOMATIC REBOOTING

  • Nil's SQL Server 7.0 machine is rebooting automatically when it reaches a certain RAM utilization threshold. Offer your advice and read other users' suggestions on the SQL Server Magazine forums at the following URL:
    http://www.sqlmag.com/forums/messageview.cfm?catid=3&threadid=6313

  • TIP: BACKING UP TRANSACTION-LOG RECORDS

  • (contributed by the Microsoft SQL Server development team)

    Q. Periodically, when I try to open a database, I get the error message "Log file is full. Cannot open database." After I truncate the transaction log, I can open the database. The problem occurs with some databases and not others. Why is this happening?

    A. You receive this error message because your database has been set up to retain transaction-log records until you back them up. Microsoft strongly recommends that you set up transaction-log retention on production systems because it provides maximum data protection. To back up the log file, use the BACKUP LOG command, then store these backup files on tape or on another server. Combined with the database backup, these transaction-log files will let you restore your database in the event of hardware or software failure.

    If you want to turn off transaction-log backup and restore for SQL Server 7.0, in Enterprise Manager, navigate to the database you want to change. Right-click the database, select Properties, then on the Options tab, select the "Truncate Log on Checkpoint" option. For SQL Server 2000, in the Properties window's Options tab, select the "Simple recovery" model. Note that although you're truncating the log, uncommitted transactions will still be logged in the transaction log because you can't completely turn off transaction logging; it's an essential part of SQL Server's data-integrity scheme.

    Send your technical questions to questions@sqlmag.com.

    6. NEW AND IMPROVED


    (contributed by Carolyn Mascarenas, products@sqlmag.com)

  • AUDIT DATABASE ACTIVITY

  • NetIQ and Lumigent Technologies announced a licensing partnership that will let NetIQ deliver RecoveryManager for SQL Server, which is based on Lumingent's Log Explorer software, into the NetIQ SQL Management Suite. As part of the NetIQ SQL Management Suite, RecoveryManager for SQL Server uses the SQL Server transaction log to audit database activity. You can recover data online and salvage data when traditional recovery techniques fail. For pricing, contact NetIQ at 408-856-3000.
    http://www.netiq.com

  • MONITOR SYSTEM PERFORMANCE AND STATUS

  • TNT Software announced ELM Enterprise Manager 3.0, software that lets you monitor and manage the performance and status of distributed systems. The new release features query-based monitoring of SQL Server, event monitoring, event collection and consolidation, performance monitoring, data collection, service and process monitoring, log-file monitoring, enhanced cluster monitoring, Exchange Server monitoring, and TCP port monitoring. ELM Enterprise Manager costs $395. Contact TNT Software at 360-546-0878.
    http://www.tntsoftware.com

    7. CONTACT US


    Here's how to reach us with your comments and questions:

    • ABOUT THE COMMENTARY — brianm@sqlmag.com
    • ABOUT THE NEWSLETTER IN GENERAL — mcrockett@sqlmag.com

    (please mention the newsletter name in the subject line)

    • TECHNICAL QUESTIONS — http://www.sqlmag.com/forums
    • PRODUCT NEWS — products@sqlmag.com
    • QUESTIONS ABOUT YOUR SQL Server Magazine UPDATE SUBSCRIPTION?
      Customer Support — sqlupdate@sqlmag.com
    • WANT TO SPONSOR SQL Server Magazine UPDATE?
      More than 102,000 people read SQL Server Magazine UPDATE
      every week. Shouldn't they read your marketing message, too?
      To advertise in SQL Server Magazine UPDATE,contact Beatrice Stonebanks at bstonebanks@sqlmag.com or 800-719-8718.

    SQL Server Magazine UPDATE is brought to you by SQL Server Magazine,the only magazine completely devoted to helping developers and DBAs master new and emerging SQL Server technologies and issues. Subscribe today.
    http://www.sqlmag.com/sub.cfm?code=ssei211x1y

    Receive the latest information about the Windows and .NET topics of your choice. Subscribe to our other FREE email newsletters.
    http://www.winnetmag.net/email