Updated: April 21, 2010
Applies To: System Center Data Protection Manager 2010
DPM operates as a high-privileged server on the network. To help ensure the security of the DPM server, the DPM security architecture relies on the security features of Windows Server 2008 and Active Directory Domain Services, SQL Server 2008, and SQL Server Reporting Services.
To maintain the DPM security architecture:
Accept all default security settings.
Do not install unnecessary software on the DPM server.
Do not change security settings after DPM is deployed. In particular, do not change SQL Server 2008 settings, Internet Information Services (IIS) settings, DCOM settings, or settings for the local users and groups that DPM creates during product installation.
A remote instance of SQL Server should not run as Local System.
Installing unnecessary software and changing default security settings can seriously compromise DPM security.