SQL Server

Connection to the SQL Server databases

Any SQL Server connection string can be specified, including one that uses SQL Server authentication (user name/password). This can be useful during testing because it does not require access to Active Directory (AD). However, we do not recommend user name/password authentication for production setups, because both the user name and the password are persisted unencrypted on the computer. For production setups, we recommend integrated security.

Communication between the Milestone XProtect VMS and the SQL Server database can potentially be tampered with by an attacker because the certificate is not validated.

To mitigate this, you must first set up verifiable server certificates. After the certificates are set up, you must modify the ConnectionString in the Windows registry by removing trustServerCertificate=true, as follows:

Registry key: Computer\HKEY_LOCAL_MACHINE\SOFTWARE\VideoOS\Server\Common\ConnectionString

  • Current connection string: Data Source=localhost;initial catalog='Surveillance';Integrated Security=SSPI;encrypt=true;trustServerCertificate=true
  • Hardened connection string: Data Source=localhost;initial catalog='Surveillance';Integrated Security=SSPI;encrypt=true

As a result, the connection is encrypted only if there is a verifiable server certificate; otherwise, the connection attempt fails.

This issue is described in detail in the article Using Encryption Without Validation.
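The check described above can be scripted. The following PowerShell function is an added example, not Milestone code: it audits a connection string for trustServerCertificate=true, disabled encryption and stored passwords, and returns the hardened form. The function name Test-SqlConnectionString is hypothetical, and the sample input is the "Current" string shown above.

```powershell
# Added example (not Milestone code): audit a connection string and emit the hardened form.
function Test-SqlConnectionString {
    param([Parameter(Mandatory)][string]$ConnectionString)

    # DbConnectionStringBuilder parses quoting and treats keywords case-insensitively.
    # The accessor methods are used because PowerShell's dictionary adapter
    # would treat ".ConnectionString = ..." as a new keyword, not the property.
    $builder = New-Object System.Data.Common.DbConnectionStringBuilder
    $builder.set_ConnectionString($ConnectionString)

    $findings   = @()
    $hasEncrypt = $false
    foreach ($key in @($builder.Keys)) {           # copy the keys: entries are removed while iterating
        $name  = ($key -replace '\s', '').ToLowerInvariant()
        $value = [string]$builder[$key]
        switch ($name) {
            'trustservercertificate' {
                if ($value -match '^(true|yes)$') {
                    $findings += 'trustServerCertificate=true: the server certificate is not validated'
                }
                [void]$builder.Remove($key)        # without the keyword the certificate is validated
            }
            'encrypt' {
                $hasEncrypt = $true
                if ($value -match '^(false|no)$') {
                    $findings += 'encrypt is disabled: the client does not request encryption'
                    $builder[$key] = 'true'
                }
            }
            { $_ -in 'password', 'pwd' } {
                $findings += 'SQL Server authentication: password is stored unencrypted; use integrated security'
            }
        }
    }
    if (-not $hasEncrypt) {
        $findings += 'encrypt keyword missing: encryption depends on the driver default'
        $builder['encrypt'] = 'true'
    }

    [pscustomobject]@{
        Findings = $findings
        Hardened = $builder.get_ConnectionString()  # re-serialised; keyword case and quoting may differ
    }
}

# Sample input: the "Current" string from this page. On a live system, pass the
# value read from the registry location given above.
$current = "Data Source=localhost;initial catalog='Surveillance';Integrated Security=SSPI;encrypt=true;trustServerCertificate=true"
Test-SqlConnectionString -ConnectionString $current | Format-List
```

An empty Findings list means the string already matches the hardened form. A password finding cannot be fixed automatically, because switching to integrated security requires a Windows account with access to the database.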

Run the SQL Server database on a separate server

Milestone recommends that you make the SQL Server database redundant. This reduces the risk of real or perceived downtime.

To support Windows Server Failover Clustering (WSFC), Milestone recommends that you run the SQL Server database on a separate server, and not on the management server.

SQL Server must run in a WSFC setup, and the management and event servers must run in a Microsoft Cluster setup (or similar technology). For more information about WSFC, see Windows Server Failover Clustering (WSFC) with SQL Server (https://msdn.microsoft.com/en-us/library/hh270278.aspx).

Learn more

The following control(s) provide additional guidance:

  • NIST 800-53 SC-7 Boundary Protection
  • NIST 800-53 CM-9 Configuration Management Plan