Thank you very much for the reply, some of those links were helpful.
A lot of them were for SEP Manager though, and I'm using SEP stand alone client so it's hard to know which points are relevent.
I have added a Security Risk Exception and a SONAR Exception for
C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\ MSSQL\Data
Is this likely to leave the database exposed at all?
Two more questions which I wasn't able to ascertain from any of those articles:
- Should I be adding the SQL application to the exception lists too?
- It mentions some Windows Server roles may need to be added to the exceptions lists but it doesn't say which. Does anyone have any idea which ones (and why?)
Thanks again.