As every developer knows by now, Microsoft has focused renewed attention on security in recent product releases. One of the important concepts in this effort is surface area. Roughly speaking, a piece of software has a smaller surface area if there are fewer ways to attack it: fewer open ports, fewer APIs, fewer protocols, and so on. OSQL Server 2005 takes this concept to the next level by letting you explicitly manage the software’s surface area. In this article, I’ll show you the tools that SQL Server offers for this management, using the current (February 2005) Community Technical Preview build of SQL Server Express as an example. Some changes are inevitable between now and the final product, but the concepts should remain relatively stable.
