locked
SQL Server Version and Encryption RRS feed

  • Question

  • Hello I hope someone can help.  I have been reading some interesting articles about database encryption in SQL  Server http://technet.microsoft.com/en-us/library/ms187972.aspx

    I have heard however that an enterprise license is required to apply these encryption techniques.  Can someone confirm exactly what versions are required as I need to understand the potential cost involved in order to make the case for database encryption.

     

    Thanks in advance

    Graeme

    Saturday, July 9, 2011 6:30 PM

Answers

  • Please check these urls, Transparent Database Encryption only works in Enterprises edition 

    Price comparision

    http://www.microsoft.com/sqlserver/2008/en/us/pricing.aspx

    Edition comparision

    http://www.microsoft.com/sqlserver/2008/en/us/editions-compare.aspx

    http://www.microsoft.com/sqlserver/2008/en/us/editions.aspx

     

    hope this helps you


    http://uk.linkedin.com/in/ramjaddu
    Saturday, July 9, 2011 6:51 PM
  • Transparent data encryption (TDE) is a new encryption feature introduced in Microsoft® SQL Server 2008. It is designed to provide protection for the entire database at rest without affecting existing applications. Implementing encryption in a database traditionally involves complicated application changes such as modifying table schemas, removing functionality, and significant performance degradations. For example, to use encryption in Microsoft SQL Server 2005, the column data type must be changed to varbinary; ranged and equality searches are not allowed; and the application must call built-ins (or stored procedures or views that automatically use these built-ins) to handle encryption and decryption, all of which slow query performance. These issues are not unique to SQL Server; other database management systems face similar limitations. Custom schemes are often used to resolve equality searches and ranged searches often cannot be used at all. Even basic database elements such as creating an index or using foreign keys often do not work with cell-level or column-level encryption schemes because the use of these features inherently leak information. TDE solves these problems by simply encrypting everything. Thus, all data types, keys, indexes, and so on can be used to their full potential without sacrificing security or leaking information on the disk. While cell-level encryption cannot offer these benefits, two Windows® features, Encrypting File System (EFS) and BitLocker Drive Encryption, are often used for the same reasons as TDE—they provide protection on a similar scale and are transparent to the user.

    for more please check here http://msdn.microsoft.com/en-us/library/cc278098(v=sql.100).aspx

     


    http://uk.linkedin.com/in/ramjaddu
    Friday, July 29, 2011 10:52 AM

All replies

  • Please check these urls, Transparent Database Encryption only works in Enterprises edition 

    Price comparision

    http://www.microsoft.com/sqlserver/2008/en/us/pricing.aspx

    Edition comparision

    http://www.microsoft.com/sqlserver/2008/en/us/editions-compare.aspx

    http://www.microsoft.com/sqlserver/2008/en/us/editions.aspx

     

    hope this helps you


    http://uk.linkedin.com/in/ramjaddu
    Saturday, July 9, 2011 6:51 PM
  • Hi Parker,

    Which SQL version are you looking for ?

    Transparent Data Encryption is available in SQL Server 2008 and later .

    If You are using SQL server 2005 ENT ,Still You can use Encryption with the help of Symmetric ,Asymmetric Keys.

    Below link has detailed description with examples.

    http://www.databasejournal.com/features/mssql/article.php/3714031/SQL-Server-2005-Encryption-types.htm

    Hope this will help You.


    Sivaprasad.L Together We can Achieve
    Sunday, July 10, 2011 3:04 AM
  • Hi,

    Please check the following link as well which compares features between different editions of SQL Server: http://technet.microsoft.com/en-us/library/cc645993.aspx#Enterprise_security.


    Best Regards
    Alex Feng | Forum Support

    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.
    Tuesday, July 12, 2011 7:06 AM
  • Hi Graeme,

    Except TDE, you can use all other Encryption functions in all editions of SQL Server including SQL Express, Please read the following articles 

    http://blogs.microsoft.co.il/blogs/applisec/archive/2008/06/15/microsoft-sql-server-2005-database-encryption-step-by-step.aspx

    http://technet.microsoft.com/en-us/library/ms179331.aspx

    http://benjii.me/2010/05/how-to-use-sql-server-encryption-with-symmetric-keys/


    Arunraj Chandrasekaran, MCTS, Author: SQLXpertise.com
    If you found this post useful, Please "Mark as Answer" or "Vote as Helpful"
    Tuesday, July 12, 2011 8:16 PM
  • Hello All,

     

    Thanks for this.  Please accept my apologies for the ignorance here.  Arunraj.C I have reviewed the articles and it seem we can encrypt a table with the AES alogrithm.  What is the difference between this and Transparent Data Encryption?

     

    What are the comparisions between the two as the company are deciding whether to buy the enterprise version based on thier need to encrypt certain tables.

     

    Thanks in advance

    Graeme

    Friday, July 29, 2011 10:27 AM
  • Transparent data encryption (TDE) is a new encryption feature introduced in Microsoft® SQL Server 2008. It is designed to provide protection for the entire database at rest without affecting existing applications. Implementing encryption in a database traditionally involves complicated application changes such as modifying table schemas, removing functionality, and significant performance degradations. For example, to use encryption in Microsoft SQL Server 2005, the column data type must be changed to varbinary; ranged and equality searches are not allowed; and the application must call built-ins (or stored procedures or views that automatically use these built-ins) to handle encryption and decryption, all of which slow query performance. These issues are not unique to SQL Server; other database management systems face similar limitations. Custom schemes are often used to resolve equality searches and ranged searches often cannot be used at all. Even basic database elements such as creating an index or using foreign keys often do not work with cell-level or column-level encryption schemes because the use of these features inherently leak information. TDE solves these problems by simply encrypting everything. Thus, all data types, keys, indexes, and so on can be used to their full potential without sacrificing security or leaking information on the disk. While cell-level encryption cannot offer these benefits, two Windows® features, Encrypting File System (EFS) and BitLocker Drive Encryption, are often used for the same reasons as TDE—they provide protection on a similar scale and are transparent to the user.

    for more please check here http://msdn.microsoft.com/en-us/library/cc278098(v=sql.100).aspx

     


    http://uk.linkedin.com/in/ramjaddu
    Friday, July 29, 2011 10:52 AM