Home
Pre installation
SQL server and security considerations
A summary of security considerations involving the SQL server and Touchstone/Touchstone Re installations.

Introduction
System requirements
Pre installation
- Read first
  Review the following information very carefully before installing the Touchstone and Touchstone Re applications.
- Obtain your license
  Your license file automatically detects the Touchstone/Touchstone Re components you are licensed to install.
- Back up best practices
  It is very important to back up Touchstone and Touchstone Re.
- Manage the Windows firewall
  The Windows firewall impacts how components residing on different computers communicate.
- Assigned ports
- Disable user account control
  For Touchstone and Touchstone Re to function properly, User Account Control needs to be disabled across all of the machines in the environment.
- Manage antivirus software
  Antivirus software should be turned off for Touchstone and Touchstone Re installations.
- Configure databases (SQL server): what you need to know
  Prepare for installation of your databases.
- Configure property exposure databases (SQL server): what you need to know
  Prepare for installation of property exposure database(s).
- Analysis Management Server (head node): what you need to know
  Prepare for installation of analysis management server(s).
- Analysis Servers (compute node): what you need to know
  Prepare for installation of the analysis server(s).
- Application Server (IIS): what you need to know
  Prepare for installation of the application server.
- Smart Clients: what you need to know
  Prepare for installation of your smart clients.
- Verify browser includes PDF Viewer
  To view the Remodeling Guide associated with each catbond company import, a web browser with a PDF viewer must be installed on the local Touchstone Re client.
- SQL server and security considerations
  A summary of security considerations involving the SQL server and Touchstone/Touchstone Re installations.
Installation
Databases
Models
Analysis Management Server (head node)
Analysis Server (compute node)
Application Server (IIS)
Client
Loss file utility
Password reset
Post installation

SQL server and security considerations

A summary of security considerations involving the SQL server and Touchstone/Touchstone Re installations.

Trustworthy databases

Touchstone databases that need the "Trustworthy" flag to be set to on include:

AIRProject
AIRMap
AIRSpatial
AIRMapBoundary
AIRReference
AIRUserMap
AIRSecurity

Common criteria compliance

Common Criteria Compliance for the SQL Server (Server Properties > Security tab) should be disabled due to various concerns including:

Residual Information Protection (RIP) — Meeting the RIP standard can contribute to improved security, however, it greatly degrades performance.
Login auditing — This setting has no overlap in a Touchstone implementation.
A table-level DENY takes precedence over a column-level GRANT — This setting has no overlap in a Touchstone implementation.

SQL server and security updates

Regarding Microsoft SQL Server updates, Microsoft offers the following tracks for releasing the GDR (General Distribution Release):

RTM Track — Employed for installations still on the base version using the Release to Manufacturer (RTM) version track.
CU Track — Employed for installations using any cumulative update (CU) version as their supported version track.
On Demand Track — Employed for certain bits of the CU track to then follow on a CU track only (not RTM Track).

Important: For Touchstone/Touchstone Re 2025 (13.0) installations we employ the RTM track update method.