Information
Segregating the SharePoint database server from the application server provides a layered
defense architecture.
Rationale:
A layered defense architecture provides additional security and reduces the attack surface
of an environment. When the SharePoint database server is segregated from the
application server, only specific ports need to be opened from the application server to the
database server, which reduces the attack surface and limits access to the critical data
stored on the SharePoint database.
NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.
Solution
Review the SharePoint server architecture and move the SharePoint database server into a
secure network zone. Open only the specific ports required from the application server to
the database server.
Impact:
A malicious actor could gain access to the SharePoint database server and extract the
sensitive information stored in the database.
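
One way to review the host firewall side of the Solution above, as an added example that is not part of the benchmark or of Nessus: run on the database server, it lists enabled inbound allow rules that expose the SQL Server port to sources other than the application server. The address 10.0.1.10 is a placeholder and TCP 1433 (the SQL Server default instance port) is an assumption; neither value comes from this page.

```powershell
# Added example: run in an elevated PowerShell session on the SharePoint database server.
# Assumed values, not from the benchmark: replace them with your environment's.
$AppServers = @('10.0.1.10')   # placeholder application server address(es)
$SqlPort    = '1433'           # SQL Server default instance port; adjust for named instances

# Walk every enabled inbound allow rule and inspect its port and address filters.
$findings = foreach ($rule in Get-NetFirewallRule -Direction Inbound -Action Allow -Enabled True) {
    $port = $rule | Get-NetFirewallPortFilter
    $addr = $rule | Get-NetFirewallAddressFilter

    # Only TCP rules (or protocol-agnostic ones) can expose the SQL port.
    if ($port.Protocol -notin @('TCP', 'Any')) { continue }

    # Does the rule cover the SQL port? 'Any' and ranges such as 1000-2000 count.
    $coversSql = $false
    foreach ($p in @($port.LocalPort)) {
        if ($p -eq 'Any' -or $p -eq $SqlPort) {
            $coversSql = $true
        }
        elseif ($p -match '^(\d+)-(\d+)$' -and
                [int]$SqlPort -ge [int]$Matches[1] -and
                [int]$SqlPort -le [int]$Matches[2]) {
            $coversSql = $true
        }
    }
    if (-not $coversSql) { continue }

    # Flag any remote address that is not one of the expected application servers.
    # String comparison only: 'Any', 'LocalSubnet' and subnet ranges are all reported.
    $unexpected = @($addr.RemoteAddress) | Where-Object { $_ -notin $AppServers }
    if ($unexpected) {
        [pscustomobject]@{
            Rule          = $rule.DisplayName
            LocalPort     = @($port.LocalPort) -join ','
            RemoteAddress = $unexpected -join ','
        }
    }
}

if ($findings) { $findings | Format-Table -AutoSize }
else { Write-Output "No inbound allow rule exposes TCP $SqlPort beyond the listed application servers." }
```

This covers only the Windows host firewall on the database server; the rules on the firewall or ACL separating the two network zones need the same review.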