SQL Server 2005 crosses all the "-ties" -- security, reliability, scalability, usability and manageability -- as Microsoft completes the migration of SQL Server from a work-group database to a nearly enterprise-caliber platform. The problems, as we shall see below, are that Microsoft continues to drag its feet on interoperability while its competitors continue to reset the bar ever higher on scalability and reliability. But Microsoft also has added more BI tools and services to the basic SQL Server line-up. The latter move is somewhat controversial, given Microsoft's pricing strategy. At the same time, SQL Server integrates more closely than ever to the .NET framework and CLR (Common Language Runtime) as a secure runtime engine. All these factors contribute to the new SQL Server database profile.
An Evolution To Near-Enterprise Caliber
SQL Server 7.0 started addressed some key reliability and scalability issues in the late 1990s. SQL Server 2000 followed up with a fundamental rewrite of the database engine. SQL Server 2000 made key advances for Microsoft scalability using clustering, parallel operation, and smart caching techniques. For a period in the early 2000s, SQL Server led the Transaction Processing Performance Council's TPC transaction processing benchmarks while placing high in some of the organization's decision-support and data warehousing benchmarks (known as TPH). SQL Server 2000 also improved its reliability and availability profile.
But the transition from SQL Server 2000 to SQL Server 2005 was delayed well beyond a targeted 2003-2004 time frame. In the meantime, other databases improved, with IBM's DB2 taking a leading spot in the TPC and TPH benchmarks. For a while, DB2 achieved a four-times multiple over SQL Server 2000 in TPC results. At the time, Oracle presented a comprehensive Web-based management interface, while IBM and Microsoft offered complete desktop GUI control programs for managing DB2 and MySQL. And SQL Server itself got hit hard by Sapphire/Slammer, Code-Injection and other worms and virus attacks. Perhaps these security, manageability, usability and scalability issues contributed to the delay in SQL Server 2005's release.
Crossing the "-Ties"
SQL Server 2005 starts with Microsoft calls a Security Design review that produced Surface Area Configurations, including off-by-default presets, and new data and native encryptions. Those encryptions include auto-encryption over communication connections, improved clustering authentication, and more granular and loosely coupled user control. The security approach is similar to that seen in the new Windows Vista: reduce the security risk profile by making "off" the default setting for most options; tightly control the admin access and privileges; and eliminate hack vulnerabilities like buffer overflow and code injection holes. Tight integration of .NET in the development of SQL Server with managed CLR code available now for stored procedures should help to further batten down the hatches. But it would be premature to judge SQL Server's security status before it receives extensive exposure in the field.