August 2, 2019 at 4:02 am
Looking to find if it is a feasible idea to install FIM system on a SQL Server. It is a sensitive and highly transnational system and I dont feel comfortable.
For people who do not know what FIM is please read the below link.
https://en.wikipedia.org/wiki/File_integrity_monitoring
It may end up messing stuff. Can some one knowledgeable and experience person comment and advice on this.
August 2, 2019 at 8:46 pm
I can't comment on this, but it seems like a file level filter driver, similar to what AV does. Those are not compatible with SQL Server and cause issues, especially blocking problems. I would not do this on any folder where database files reside.
August 4, 2019 at 11:00 am
Thanks for the input.
Will it be a good idea to have them scan the SQL Server binaries installed on C drive, for example, lets say , C:/Program files (x86). there are plenty of dll(s) there and I am even concerned about those as well?
August 4, 2019 at 4:41 pm
That's an interesting idea. Might be worth scanning those, though I'd expect you get some alerts when you apply patches. I haven't heard issues with SQL Server binaries, but I'd certainly start testing this on a server that is either dev/test or isn't critical if it causes issues. Throw a workload at it, try different things that might load different DLLs, like linked servers, xp_cmdshell, sp_oa_create, etc. See if anything triggers with your monitor.
Viewing 4 posts - 1 through 3 (of 3 total)
You must be logged in to reply to this topic. Login to reply