SQL Server 2005 faces a much different challenge today than it did in the eighties when SQL Server was first announced. Back then ease-of-use was a priority and having a database scaled to suit the needs of a small business or a department was adequate. Today SQL Server is no longer a departmental database. It’s a full-fledged enterprise database capable of providing the data access functionality to the largest of organizations. To meet these enterprise demands, Microsoft has designed SQL Server 2005 to be highly scalable. In addition, it must also be secure; it must be able to be easily integrated with other platforms; it must be a productive development platform; and it must provide good return on investment.

Scalability

Scalability used to be an area where Microsoft SQL Server was criticized. With its roots as a departmental system and the limitations found in the Microsoft SQL Server 6.5 and earlier releases, many businesses didn’t view SQL Server as a legitimate player in the enterprise database market. However, all that has changed. Beginning with the release of SQL Server 7, Microsoft made great strides in the scalability of the SQL Server platform. Using distributed partitioned views, SQL Server 7 jumped to the top of the TPC-C, and, in fact, its scores were so overwhelming that SQL Server 7 was a contributing factor to the TPC (Transaction Processing Councils) decision to break the transactional TPC-C test into clustered and nonclustered divisions. Although Microsoft and SQL Server 7 owned the clustered TPC-C score, demonstrating its ability to scale out across multiple systems, there was still some doubt about the platform’s ability to scale up on a single platform. That too changed with the launch of Windows Server 2003 and the announcement of SQL Server 2000 Enterprise Edition 64-bit where Microsoft announced that for the first time Microsoft SQL Server reached the top of the nonclustered TPC-C scores. Today, with the predominance of web-based applications, scalability is more important than ever. Unlike traditional client/server and intranet applications, where you can easily predict the number of application users, web applications open up the door for very large numbers of users and rapid changes in resource requirements. SQL Server 2005 embodies the accumulation of Microsoft’s scalability efforts, and builds on both the ability to scale out using distributed partitioned views as well as the ability to scale up using its 64-bit edition. Its TPC-C scores clearly demonstrate that SQL Server 2005 can deal with the very largest of database challenges—even up to the mainframe level. And the SQL Server 2005’s self-tuning ability enables the database to quickly optimize its own resources to match usage requirements.

Security

While scalability is the stepping stone that starts the path toward enterprise-level adoption, security is the door that must be passed to really gain the trust of the enterprise. In the past, SQL Server, like many other Microsoft products, has been hit by a couple of different security issues. Both of these issues tended to be related to implementation problems rather than any real code defects. A study by one research firm showed that up to 5,000 SQL Server systems were deployed on the Internet with a blank sa password, allowing easy access to any intruders who wanted to compromise the information on those systems. Later, in 2002, the SQL Slammer virus exploited a SQL Server known vulnerability for which Microsoft had previously released a fix and even incorporated that fix into a general service pack. In the first case, SQL Server essentially had the answer to this issue, supporting both standard security as well as Windows authentication; the users simply didn’t take some very basic security steps. In the second case, Microsoft had generated a fix to a known problem but that fix wasn’t widely applied. Plus, there was another basic security issue with this incident in which one of the ports on the firewall that should have been closed was left open by the businesses that were stricken by this virus. To address these types of security challenges, SQL Sever 2005 has been designed following Microsoft’s new security framework, sometimes called SD3 where the product is secure by design, secure by default, and secure by deployment. What this means for SQL Server 2005 is that the product is initially designed with an emphasis on security. Following up on their Trustworthy Computing initiative, Microsoft embarked on extensive security training for all of their developers and conducted code reviews and performed a comprehensive thread analysis for SQL Server 2005.

In addition, all of the security fixes that were incorporated into the SP3 of SQL Server 2000 were rolled into SQL Server 2005. Next, secure by default means that when the product is installed Microsoft provides secure default values in the installation process whereby if you just follow the defaults you will end up with a secure implementation. For example, in the case of the sa password, the installation process prompts you to provide a strong password for the sa account. While you can select to continue the installation with a blank password, you have to explicitly select this path as well as respond to the Microsoft dialogs warning you about the dangers of using a blank password. Finally, SQL Server 2005 is secure by deployment, which means that Microsoft is providing tools and training for customers to help create secure deployments for SQL Server 2005. Here, Microsoft provides tools like the Microsoft Baseline Security Analysis, which can scan for known security vulnerabilities, in addition to a collection of white papers that are designed to educate customers on the best practices for creating secure implementations for a variety of different deployment scenarios.

Integration

In today’s corporate computing environment it’s rarely the case where only one vendor’s products are installed in a homogenous setting. Instead, far more often, multiple dissimilar platforms simultaneously perform a variety of disparate tasks, and one of an organization’s main challenges is exchanging information between these different platforms. SQL Server 2005 provides a number of different mechanisms to facilitate application and platform interoperability. For application interoperability, SQL Server 2005 supports the industry standard HTTP, XML, and SOAP protocols. It also allows stored procedures to be exposed as web services and provides a level 4 JDBC driver, allowing SQL Server to be used as a back-end database for Java applications. For platform interoperability, SQL Server 2005 sports an all-new redesigned Integration Services as well as heterogeneous database replication to Access, Oracle, and IBM DB2 UDB systems.

Productivity

Productivity is one of the other primary ingredients that enterprises require, and this is probably the area where SQL Server 2005 has made the biggest strides. The new release of SQL Server 2005 integrates the .NET Framework CLR into the SQL Server database engine. This new integration allows database objects like stored procedures, triggers, and user-defined functions to be created using any .NET compliant language including C#, VB.NET managed C++, and J#. Prior to this release SQL Server only supported the procedural T-SQL language for database programmability. The integration of the .NET Framework brings with it a fully object-oriented programming model that can be used to develop sophisticated data access and business logic routines. Being able to write database objects using the .NET languages also facilitates the ability to easily move those database objects between the database and the data access layer of an n-tiered web application.

Although the big news with this release is the .NET Framework, Microsoft has continued to enhance T-SQL, as well as bring several new capabilities to their procedural language and the reassurance to developers and DBAs that they have no plans for dropping support for T-SQL in the future. In addition, SQL Server 2005 answers the question of productivity from the DBA’s perspective as well. The management console has been redesigned and integrated into a Visual Studio .NET integrated development environment. All of the dialogs are now fully modal, allowing the DBA to easily switch between multiple management tasks.

Return on Investment

One of the primary challenges for IT enterprises today is driving cost out of their businesses. That often means doing more with less, and SQL Server provides the tools that most businesses need to do more with the assets they already have. SQL Server 2005 is far more than just a relational database; its tightly integrated Business Intelligence (BI) toolset, including the built-in Analysis Services and Reporting Services, brings more value to the table than any other database platform. BI gives companies the ability to analyze data and make better business decisions—decisions that can make your company money as well as save your company money. Since the release of SQL Server 7, with its integrated OLAP Services (later renamed as Analysis Services), SQL Server has become the leading product in the BI market. Overall, the new features in SQL Server 2005 give it a very high return on investment. Features like web services provide better connectivity to customers, paving the way to improved profitability. Likewise, XML integration enables better integration with business partners for improved profitability. Additionally, the inclusion of the .NET Framework, improved management tools, and Report Services empower employees, enabling them to be more productive.