[windows2000] Re: SQL Server 2000 on an ISA server
- From: Jennifer Hooper <jennifer.hooper@xxxxxxxxxxxxx>
- To: "'windows2000@xxxxxxxxxxxxx'" <windows2000@xxxxxxxxxxxxx>
- Date: Wed, 3 Mar 2004 08:32:15 -0800
If you do this Rod, and I really suggest that you don't, but you may have
to. Here are some things that I have done to get the best performance and
security out of such servers.
Make sure that you partition the drive plane properly. Remember that SQL
Server needs the high-end disk access times, so run this set of drives
directly off your controller OR your backplane, depending on what kind of
system you have. You'll need to check your documentation there. Most of
the big server providers have recommendations on this configuration as well.
Definitely put ISA on one partition and one channel and SQL Server on the
other. That way they are not fighting for seek time! :)
Memory management is KEY! Both ISA and SQL Server like to take up whatever
amount of free memory is available. Set your SQL Server memory at 2/3rds of
the available memory to give the Operating System and other applications
enough memory to work with. If you don't, SQL will take it *all* over, and
start paging to disk. That should give ISA enough to work with. You may
need to tweak these settings as you go along.
And finally, SECURE that puppy down as hard as you can. If this machine is
going to be in the DMZ, only open the ports to it that absolutely must be
open, and secure the traffic allowed as well. Block everything except TCP
or whatever you need for your applications. Put all of the Windows 2003
Security Patches and all of the SQL Server Service Packs and Security
patches. Keep these up-to-date as often as possible. This will be a prime
server for SQL Slammer if you don't. Also, of course, keep your Virus
Software on it up to date with the latest definitions. If you use ISS or
some similar security software, install your scanner on there. It kinda
goes without saying, but change your dbo and sa passwords to complex
passwords, and use Windows Authentication where you can.
I hope this helps!
Jennifer
-----Original Message-----
From: Rod Falanga [mailto:rfalanga@xxxxxxx]
Sent: Wednesday, March 03, 2004 7:11 AM
To: windows2000@xxxxxxxxxxxxx
Subject: [windows2000] SQL Server 2000 on an ISA server
I'm looking for opinions. I've got a new server, which I intend to use to
replace our ISA server. It will have Windows 2003 Server on it. It is a
pretty beefy machine; lots of memory, lots of disk space. The guy who is
configuring it for me wants to put SQL Server 2000 onto it as well. I've
been to one or two regional TechNet meetings that Microsoft puts on and
their recommendation is to not put much onto an ISA server that is playing
the part of the DMZ. Perhaps I should not have ordered a server with so
much resources, but I did, and my parent company is very strongly suggesting
that we put other things onto this server, like SQL Server. And certainly
we are a pretty small shop. My network has just 20 internal users with
maybe 100 external users to either dial in, or connect via VPN and terminal
services. Our SQL Server databases all told, probably come to something
like 0.6 GB.
So, my question to you is this. Should I keep SQL Server off of it? Or
given our relatively low demand (I am sure we have much less business than
most of you), go ahead and put SQL Server onto it?
________________________________________
Rod Falanga
http://amci.unm.edu
********************************************************
This Weeks Sponsor StressedPuppy.com Games Feeling stressed out? Check out
our games to relieve your stress.
http://www.StressedPuppy.com
********************************************************
To Unsubscribe, set digest or vacation
mode or view archives use the below link.
http://thethin.net/win2000list.cfm
********************************************************
This Weeks Sponsor StressedPuppy.com Games
Feeling stressed out? Check out our games to
relieve your stress.
http://www.StressedPuppy.com
********************************************************
To Unsubscribe, set digest or vacation
mode or view archives use the below link.
http://thethin.net/win2000list.cfm
Other related posts:
