CRM and Security

TheMSsForum.com: The Microsoft Software Forum

The Microsoft recommendations <Securing Your Database Server> for securing
SQL Server installations are â?? among others â?? to:
â?¢ Use named instances
â?¢ Only allow TCP/IP for remote connections
â?¢ Restrict protocols to TCP/IP
â?¢ NOT to use dynamic ports or the default ports for SQL Serverâ??s listener
â?¢ Configure Windows Firewall on the SQL Server to block the default SQL
Server Listener ports (TCP 1433 and UDP 1434 and only allow the custom
configured port
If you follow these â?? may I add: sound â?? recommendations your Microsoft CRM
installation will not work!
According to the installation guide CRM demands a default instance of SQL
Server and that Named Pipes are used for remote connections.
Does anybody know?
1. how to implement CRM in a secure environment according to the
abovementioned MS recommendations
2. whether the MS CRM team consider conforming to the MS standards in these
matters

Thanks to anybody who care to answer
Erik Bo
Top

Re: CRM and Security by Matt

Matt
Thu Nov 02 10:22:50 CST 2006

You can get around the named instance issue with the assistance from support
(a non-charged incident). Not sure if there is a way around the named-pipes
issue though.

--

Matt Parks
MVP - Microsoft CRM


"Erik Bo Sørensen" <ErikBoSrensen@discussions.microsoft.com> wrote in
message news:6E50AC9C-D541-4363-B8B9-6FBDD56E7D80@microsoft.com...
The Microsoft recommendations <Securing Your Database Server> for securing
SQL Server installations are - among others - to:
. Use named instances
. Only allow TCP/IP for remote connections
. Restrict protocols to TCP/IP
. NOT to use dynamic ports or the default ports for SQL Server's listener
. Configure Windows Firewall on the SQL Server to block the default SQL
Server Listener ports (TCP 1433 and UDP 1434 and only allow the custom
configured port
If you follow these - may I add: sound - recommendations your Microsoft CRM
installation will not work!
According to the installation guide CRM demands a default instance of SQL
Server and that Named Pipes are used for remote connections.
Does anybody know?
1. how to implement CRM in a secure environment according to the
abovementioned MS recommendations
2. whether the MS CRM team consider conforming to the MS standards in these
matters

Thanks to anybody who care to answer
Erik Bo


Top