Security Considerations for Replication

It is important to understand how to secure a replication environment to protect the data and business logic in your application. Fundamentally, securing your replication environment is a matter of understanding your authentication and authorization options, understanding appropriate uses of replication filtering features, and learning specific measures for securing each piece of the replication environment (including the Distributor, Publisher, Subscribers, and the snapshot folder).

This chapter addresses replication security, but replication security is built on SQL Server security and Windows security, so it is important to understand this foundation as well as the specifics of replication security. For more information about security for SQL Server in general, see Security Considerations for a SQL Server Installation.

Important

The replication agent security model has changed significantly from SQL Server 2000. For detailed information about the security model, see Replication Agent Security Model. Replication scripts created from SQL Server 2000 or SQL Server 7.0 should be upgraded for SQL Server 2005 in order to take advantage of security enhancements. For more information, see How to: Upgrade Replication Scripts (Replication Transact-SQL Programming).

Replication security documentation includes information about:

Topic Description

Elements of Replication Security

Describes the elements of replication security: authentication, authorization, encryption, and filtering.

Replication Security Best Practices

Describes recommended approaches to configuring replication security.

Securing the Distributor

Describes how to secure a Distributor.

Securing the Publisher

Describes the publication access list (PAL) and best practices for its use.

Securing Subscribers

Describes connections made to Subscribers and considerations for transactional updating Subscribers.

Securing the Snapshot Folder

Describes permissions required for access to the snapshot folder, best practices for defining folder location, and considerations for snapshot delivery through FTP.

Managing Logins and Passwords in Replication

Includes links to topics about specifying accounts, and setting and changing passwords.

Securing Replication Over the Internet

Includes information about virtual private networks and Web synchronization.

For additional information about security considerations for Oracle publishing, see the section "Replication Security Model" in the topic Design Considerations and Limitations for Oracle Publishers.

See Also

Other Resources

Configuring and Maintaining Replication

Help and Information

Getting SQL Server 2005 Assistance