We are going to be getting a new system to house our large databases. Some of these databases will need to be encrypted. Ideally we'd like to set up encryption in SQL server rather then have to purchase an appliance to encrypt the data. What is the trade off of using SQL server 2005 to encrypt data? Does performance suffer a great deal with a large database (500g-4tb)? Also, how much more/less sure is the encryption for SQL Server? Some of our users need to be able to read the data as unencrypted while working, but we need to keep the system as secure as possible. Answers to any of these questions would be incredible helpful.
I have a setup/deployment question regarding SQL Server Encryption.
Internal database encrypts data in 3 different tables. This could execute on any one of 6 different servers. The tables with encrypted data are replicated to another database on different servers (3)
How should the keys/certificates be created so that the data in the replicated database can be decrypted?
In my test scenario so far, I have been unable to have the second database decrypt the data that was encrypted on the first database (currently on the same server).
-- Create Database Master Key CREATE MASTER KEY ENCRYPTION BY PASSWORD = 'p@ssw0rd' GO
-- Create Certificate CREATE CERTIFICATE MyCertificate WITH SUBJECT = 'My Data Encryption Certificate', EXPIRY_DATE = '10/31/2010'; GO
CREATE SYMMETRIC KEY MyKey WITH ALGORITHM = AES_256, IDENTITY_VALUE = 'My Symmetric Key', KEY_SOURCE = 'Unique phrase that will be used to secure the key' ENCRYPTION BY CERTIFICATE MyCertificate; GO
We currently have a fairly new SQL server 2000 db (currently about 18mb is size) as a backend to an application (Navision). Performance seems to be below what it should be.
The db is increasing quite rapidly in size, with a lot of data scheduled to be loaded onto the db and also more and more shops and users coming onto the system with alot more transactions going onto the db.
The initial setup of the db has the database File properties set to "Automatically grow file" by "30%" and has an unrestricted file growth.
The server that the db sits on is high spec and very large disk space.
Because the database will be expanding alot and thus reaching its maximum space allocation and then performing a 30% increase in size (which I guess affects performance quite a bit??) quite regularly.
Is it best to set the intitial size of the db to a alot bigger size in the first place as we have large disk space availiable and also set the % increase bigger also.
any advice on best performance would be much appreicated.
Hi, My MSQSQL 2000 application inone company has a backup file of more than 6 GB. The total number of tables are more than 280 while the number of fields are more than 8000. The last months I noticed that the backup database file is increasing rapidly. Is there a particular reason or anyone fas an idea why? My largest table consists of more than 160 fields and has amore than 1,2 million records and 32 indexes. I know this is not very good, and I'm thinking methods to fix it since I have noticed performance problems. Can you have some advices? I read that with MSSQL 2005 I can partition my table horizontally and vertically. However I think that this option is available with the enterprise edition which costs more than 10,000 Euros. Is this correct? Is there another way to increase performance? My server is Windows 2003 with 4 GB memory. I think that Windows 2003 doesn't support more than 4 GB memory. Is this true? Are there some advices for my case from the experienced users of this forum?? Regards, Manolis
I have been working as a SQL Server 2000/2005 db administrator (small-medium dbs), in the near future I am going to work as a DBA for large DB on SQL Server 2005 (200 - 300 GB and over) but I have not experences. Do you have any suggestions, Recommendations or useful docs, books or web links and everything else to suggest me on how to administer large databases.
For anyone with a larger number of databases (500+): How many do you have in a single instance. If you are using multiple instance on a single server, how many dbs per instance. This is why I'm asking
We are experiencing 701 "out of system memory" and temporary (usually) system freezes when the error occurs. We have 32bit 2005 version 9.00.2153.00, 32GB of memory, AWE enabled, quad dual-core 3GHz hyperthreaded server. Nether the bPool or VAS show any pressure when the "out of system memory error" occurs. Since this error usually indicates a VAS problem we tried increasing VAS to 1GB w/the -g flag. It made no difference. PSS has been working on the case for 3 weeks. They dont seem to be finding any evidince of memory pressure either. When I last spole to the escalation engineer yesterday it seemed that they are going to recommend reducing the number of databases on the server. I asked for clarification as to whether we are hitting a 32 bit barrior, an instance limitation, or both. I am awaiting the answer. How many databases do you have on your server? We had between 1700 and 1900 (the number varies) at times when the error occured. We are now at 1500, and have not had the error in the 2 days since reducing the number of databases...
I have been looking into mirroring a large amount of small databases approx 150 databases.
As I understand this won't be feasible because of the way mirroring threading works, http://forums.microsoft.com/MSDN/ShowPost.aspx?PostID=441900&SiteID=1
As I understand it for every database being mirrored sql will ping the mirror second, causing a network bottleneck?.
Also that the amount of threads generated for each mirrored database will cause also cause a bottleneck?
At the moment our database servers are under very little pressure and as an estimate use about 10% of the resources allocated to them such as CPU utilization, memory, disk IO and network. Our server hardware is Dual Quad core Xeons with 4 - 8 gig of memory and variety of 10k SCSCI raid configurations from raid 5 or 1,0 and sql 2005 32bit.
Ive done some calculations on the log file generation rate compared to network bandwidth there is more than enough network bandwidth.
Has anybody had any luck in mirroring many small databases?
My concerns is how much traffic is caused by the pinging of the mirror for each database?,
How many threads will the mirroring cause and what is the max amount of threads sql can handle?
How much memory will be consumed by each one of these mirroring threads?
For large databases is it a good idea to create indexes for fields that are used in Where statements? Does that improve performance and reduce overhead?
My company works with SQL Server 2005 express locally with Visual Studio to develop websites. Everything works very well.
We use SQL Server 2005 express on our production server as well. We change the database over to a non-User Instance when the site is ready to go live. Everything works fine here as well.
We run into issues when databases get near 100 MB. This is well below the stated database size limit for Express of 4GB.
At that point, about once a day, a site with a "large" database will stop responding. The error that we'll get is "Cannot open database 'DBNAME' requested by the login. The login failed. Login failed for user 'DBUSER'
The only way we've found to fix this is to restart the SQL Express service. Obviously, that isn't a very useful alternative.
Has anyone run into anything like this? Could we have some setting wrong?
Would moving to the full version of SQL Server 2005 fix this?
Due to bad programming techniques and legacy databases, my company has a large database with all the tables in it. I would like to start moving these tables out of the database and into more appropriately named databases.I was wondering if there was a way to set an alias up so that, when the table is moved, there will be no problems with out code still trying to access the table from the old database.Maybe an example is the best way to explain this. Lets say we have a DB_Company database with table T_Customers, T_Suppliers, etc.Now, as the company grows, we decide to create a dedicated database for all the customers. So we create a database DB_Customers and move the T_Customers table into it.The problem is that they may be some code that is still trying to access the DB_Company.T_Customers table. Is there a way of setting an alias up so that, when someone tries to access the DB_Company.T_ Customers table, he is automatically redirected to the DB_Customers.T_Customers?Hope that's not too confusing :-(Jag
I am trying to enable database mirroring for 100 database. It goes error free till 59 databases (some times 60 databases) with the status (principal, synchronized) on principal. on the 60th or 61st database it gave the status (principal, disconnected). Also mirror starts acting abnormal. connection to mirror starts to give connection timeout and it is not enabling database mirroring on any more databases. I have SQL SERVER 2005 Enterprise with SP1 on the servers. witness is not included yet.
this are my test servers... i have more than 500 databases on my production servers.
principal and mirror both are using port 5022 for ENDPOINT communication.
I am trying to enable database mirroring for 100 database. It goes error free till 59 databases (some times 60 databases) with the status (principal, synchronized) on principal. on the 60th or 61st database it gave the status (principal, disconnected). Also mirror starts acting abnormal. connection to mirror starts to give connection timeout and it is not enabling database mirroring on any more databases. I have SQL SERVER 2005 Enterprise with SP1 on the servers. witness is not included yet.
these are my test servers... i have more than 500 databases on my production servers.
principal and mirror both are using port 5022 for ENDPOINT communication.
All of the databases are critical and all must be included in the Database Mirroring. so, after that I tried to implement database mirroring again...... System has 3 GB of RAM, SQL SERVER (Mirror) using 85 MB of RAM but still giving this error while trying to enable database mirroring for 37th Database.....
"There is insufficient system Memory to run this query"
I have a 2 node cluster having 4 cores each wherein having 3 instances of SQL 2008 R2 enterprise comprising of 60 databases, 20 on each instance. I need to setup mirroring for each of the databases to a secondary server having 4 cores and 3 instances. What i understand is that in this case the mirror server will be providing max of 512 worker threads and the 60 mirror databases would consume 240 threads.what all needs to be checked for looking into the feasabilty of going ahead with a async mirror setup as mentioned above.
I have created two user defined functions for encryption and decryption using passphrase mechanism. When I call encryption function, each time I am getting the different values for the same input. While I searching a particular value, it takes long time to retrieve due to calling decryption function for each row.
best way to encrypt and decrypt using user defined functions.Below is the query which is taking long time.
SELECT ID FROM table WITH (NOLOCK) WHERE dbo.DecodeFunction(column) = 'value'
When I try to use symetric or asymetric encryption, I am not able to put "OPEN SYMETRIC KEY" code in a function. So, I am using PassPhrase mechanism.
Dear Readers,Is it possible, like in Access, to link to tables in other SQL databases that are on the same server? I have a query that I originally had in Access that queered from multiply databases. It did this by having those other tables in the other databases linked to the database that had the query.
I just restored my SQL server 2000 database on the SQL server 2005. after this i ran the Service broker sample ("Hello World") on this database by changing the AdventureWorks name to the new database name. The "setup.sql" runs fine. When i run the "SendMessage.sql" i was not getting any rows in the output (The message was not getting inserted into the queue). I checked the Service broker is enabled on this databased using the query "select is_broker_enabled from sys.databases where name = 'newdbname' " It was 1. I even tried the ALTER DATABASE SET ENABLE_BROKER. but it didnt work.
When i tried the sample on a newly created database it worked fine.
Is there any solution to make the restored database to work for service broker.
I was wondering if anyone out there knows if it is possible to encrypt a particular field in a table, or encrypt a whole table. The info would remain on my database and not be sent out anywhere, but I just want an extra level of security against anyone who might try to break into the database.
Is there a function that can encryp the data in a table(or certain column)? So if the table or column was query the person would see something like " !#)&%^#@ ". suggestion are welcome.
Is there a way to encrypt the data ( I mean actual data stored in a table)in a SQLServer. I know how to encrypt procedures, views, Net-libraries ......
How to get the encryption of certain characters, such as '12345' or 'hello'. Is any function to take regular characters and return the encryption form of those characters? Please help.
My client requested that the password field of a login table be encrypted using H5 Encryption. I've been searching throughout the net and MSDN for the function or procedure and can't find it. Does anybody know how?
Hello, I am needing to migrate an Access database to Sql Server Express. This database will be distributed as part of a VB 6 application. This database will have some of the columns encrypted. My understanding is that SQL Server Express supports encryption. We will need to be able to run queries on encrypted data like this, with LastName being an encrypted column in the database.
Select LastName from Account where LastName = 'Smith' Select LastName from Account where LastName Like 'Sm%' Update Account Set where LastName = sLastName
Can this be done using SQL Server 2005 Express and VB 6?
hi all, ive download some application, but they encrypt their Stored Proc and some Views.. 1.how to encrypt SP? 2.is it possible to decrypt whateva that encrypted?
Hai I am new to SQL server and working on Encryption.I just want to know whether it is better to encrpt a data in database or in the code itself.I want to encrypt a number and not a text.which one would u suggest RC4 algorithm or pwdencrypt..any one plz reply soon..
Hi, i was wondering if the whole table can be encrypted using MS SQL Server 2005. This at present can be done using third party softwares. Performance won't be an issue.
I am using server 2005 running on a windows server 2003 platform. I am trying to do field encryption using symmetric key implemented by the AES algorithm. I created an AES key and apparently it encrypts the data with no problem, however when I try to retrieve the data after decryption the field is always null. I tried using the same process while using the DES or RC2 algorithm and I could both encrypt and decrypt information, however it does not decrypt for any of the AES algorithm i.e. AES_128, AES_192 and AES_256. Attached is a simple query I used to test it.
create symmetric key CCardKeys with algorithm = aes_192 encryption by password = 'P@s$w0rD'
open symmetric key CCardKeys decryption by password = 'P@s$w0rD'
declare @Id varchar(50) set @Id = encryptbykey(key_guid('CCardKeys'),'Test')
Here is my goal please let me know if it is possible.
I have installed sql express on clients machines. I don't want them to be able to view the sp's or the functions. I would like to go as far as not allowing them to see the tables. I tried with encrption but this is still breakable by the user using the DAC.
UID, name, SSN, phone,address. I need to encrypt all the fields except UID. My company recently moved to sql server 2005 and I have to encrypt old data. We do perform query search based on username and SSN
I have very shallow knowledge of encryption and indexes. I did looked at one of the articles on encrypting data on existing application but could not understand the indexing part(:()
Do i have to define new fields with varbinary as datatype(for ssn, name,phone number) ? I am asking this because in the demo only ssn_index has varbinary and the ssn field is still nvarchar?
