Details
SQL Server supports Shared Memory, Named Pipes, and TCP/IP protocols. However, SQL Server should be configured to use the bare minimum required based on the organization’s needs.
Rationale:
Using fewer protocols minimizes the attack surface of SQL Server and, in some cases, can protect it from remote attacks.
Impact:
The Database Engine (MSSQL and SQLAgent) services must be stopped and restarted for the change to take effect.
NOTE: Nessus has provided the target output to assist in reviewing the benchmark to ensure target compliance.
Solution
Open SQL Server Configuration Manager; go to the SQL Server Network Configuration. Ensure that only required protocols are enabled. Disable protocols not necessary.
Default Value:
By default, TCP/IP and Shared Memory protocols are enabled on all commercial editions.
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: System and Information Integrity.This control applies to the following type of system Windows.