Hide Instance


Job details

Name: Hide Instance
Platform: Sqlserver
Category: Security
Premium package: Security and compliance package
Description: Checks if the instance is hidden (not exposed by SQL Browser).
Long description: Checks if the instance is hidden (not exposed by SQL Browser). If the instance is hidden then connections will need to specify the server and port in order to connect. By default, SQL Server instances are not hidden.
Version: 1.2
Default schedule: 13 1 1 *
Requires engine install: Yes
Compatibility tag: .[type=‘instance’ & databasetype=‘sqlserver’]/instance[maj_version > ‘2005′ & hasengine=‘YES’ & eng_inst_priv = 0 & (engine_edition = ‘Microsoft SQL Server’ engine_edition = ‘Azure SQL Managed Instance’)]

Parameters

Name Default value Description
return status 1 Return status value (ALARM – 2, WARNING – 1, or OK – 0) if the instance is exposed by SQL Browser (for Non-clustered SQL Server instances).
return status if cluster 0 Return status value (ALARM – 2, WARNING – 1, or OK – 0) if the instance is a clustered SQL Server instance (Always On availability groups are enabled).
enable HideInstance NO If set to “YES“ the alert will enable “HideInstance” by running master.sys.xp_instance_regwrite stored procedure.
history threshold 365 The maximum number of days to keep statistics for in the historic tables.

Job Summary

EXEC master.sys.xp_instance_regread @rootkey = N'HKEY_LOCAL_MACHINE', @key = N'SOFTWARE\Microsoft\Microsoft SQL Server\MSSQLServer\SuperSocketNetLib', @value_name = N'HideInstance'

Key Elements of the Job

Implementation

Dependencies

The job implementation depends on various stored procedures and tables that:

Job Scheduling and Execution

Tables and Procedures Used

Object Type Name Description
Stored Procedure dbw_hide_instance_proc Main procedure that either checks or alters the “HideInstance“ status.
Table dbw_hide_instance_status_info Maintains the current status.
Table dbw_hide_instance_status_histr Keeps a history log of the instance status checks.

Data Handling

Monitoring and Reporting

Security and Compliance

By integrating this job into the dbWatch monitoring suite, organizations can assure better control over their database instances, making them less visible to unauthorized entities, thus adding a layer of security.