Security Considerations for Replication
It is important to understand how to secure a replication environment to protect the data and business logic in your application. Fundamentally, securing your replication environment is a matter of understanding your authentication and authorization options, understanding appropriate uses of replication filtering features, and learning specific measures for securing each piece of the replication environment (including the Distributor, Publisher, Subscribers, and the snapshot folder).
This chapter addresses replication security, but replication security is built on SQL Server security and Windows security, so it is important to understand this foundation as well as the specifics of replication security. For more information about security for SQL Server in general, see Security Considerations for a SQL Server Installation.
Oluline
The replication agent security model has changed significantly from SQL Server 2000. For detailed information about the security model, see Replication Agent Security Model. Replication scripts created from SQL Server 2000 or SQL Server 7.0 should be upgraded for SQL Server 2005 in order to take advantage of security enhancements. For more information, see How to: Upgrade Replication Scripts (Replication Transact-SQL Programming).
Replication security documentation includes information about:
Topic | Description |
---|---|
Describes the elements of replication security: authentication, authorization, encryption, and filtering. |
|
Describes recommended approaches to configuring replication security. |
|
Describes how to secure a Distributor. |
|
Describes the publication access list (PAL) and best practices for its use. |
|
Describes connections made to Subscribers and considerations for transactional updating Subscribers. |
|
Describes permissions required for access to the snapshot folder, best practices for defining folder location, and considerations for snapshot delivery through FTP. |
|
Includes links to topics about specifying accounts, and setting and changing passwords. |
|
Includes information about virtual private networks and Web synchronization. |
For additional information about security considerations for Oracle publishing, see the section "Replication Security Model" in the topic Design Considerations and Limitations for Oracle Publishers.