Surface area represents potential attack vector that can be compromised. The Surface Area Security Checks examine the security settings for configurations and components on the database and instance to reduce the surface area vector.

The Surface Area Security Checks available on the Configure the Policy section are the following:

Name

Description

Ad Hoc Distributed Queries EnabledCheck if Ad Hoc Distributed Queries is enabled. If configured_value is 1, then SQL Server will enable the configuration on startup. If value_in_use is 1, it is currently enabled.
Common TCP Port UsedDetermine whether TCP is using a common port on the SQL Server
Cross Database Ownership Chaining EnabledDetermine whether Cross Database Ownership Chaining is enabled on the SQL Server
FILESTREAM is configuredReturn the FILESTREAM configuration state for the server, and which databases contain FILESTREAM file groups, if any. 
Integration Services RunningDetermine whether Integration Services is running on the SQL Server
Notification Services RunningDetermine whether Notification Services is running on the SQL Server
Reporting Services RunningDetermine whether Microsoft Reporting Services is running on the SQL Server
SQL Server Agent RunningDetermine whether the SQL Server Agent is running on the SQL Server
SQL Server Browser RunningDetermine whether the SQL Server is hidden from client computers
Unapproved ProtocolsDetermine whether unapproved protocols are enabled on the SQL Server
IDERA | Products | Purchase | Support | Community | Resources | About Us | Legal
  • No labels