locked
TDE support RRS feed

  • Question

  • I'm running SQL Server 2008 R2 Standard (64) v10.50.1600.1.  I get the following error.  I've read where TDE is supported in all versions of 2008 but I see comments of only being supported in enterprise & developer.  Do I need to upgrade?

    Msg 33117, Level 16, State 1, Line 1

    Transparent Data Encryption is not available in the edition of this SQL Server instance

    Saturday, April 19, 2014 4:31 AM

Answers

  • You need to upgrade on two accounts. First of all, you are running the RTM version of SQL 2008 R2. You planned to get Service Pack 2 installed as soon as possible.

    And if you want to use TDE, yes, you need to upgrade to Enterprise Edition. This feature is not available in Standard Edition. I recommend that before your organisation cough up the money for the license, that evaluate whether TDE meet your needs.


    Erland Sommarskog, SQL Server MVP, esquel@sommarskog.se
    Saturday, April 19, 2014 8:31 AM

All replies

  • You need to upgrade on two accounts. First of all, you are running the RTM version of SQL 2008 R2. You planned to get Service Pack 2 installed as soon as possible.

    And if you want to use TDE, yes, you need to upgrade to Enterprise Edition. This feature is not available in Standard Edition. I recommend that before your organisation cough up the money for the license, that evaluate whether TDE meet your needs.


    Erland Sommarskog, SQL Server MVP, esquel@sommarskog.se
    Saturday, April 19, 2014 8:31 AM
  • Thanks Erland! That's what I was looking for.  We need to encrypt our servers and/or databases and I was hoping we could just turn on TDE and see if that met our needs.  We are also looking at using Bitlocker on the servers so while not exactly having to do w/ SQL I'll ask if anyone has any feelings or experience using Bitlocker on a SQL Server?  Assuming this works is there any need to further encrypt the database using TDE?  Thanks.
    Saturday, April 19, 2014 2:19 PM
  • If you want to evaluate TDE, you can download and install an instance of Evaluation Edition, although obviously you can't do that in production.

    TDS protects data at rest, so that if someone snatches a backup file or a database file, they can't do anything with it. However, it does not protect you against intruders that sneak in through port 1433, for instance by means of SQL injection.

    I don't have any experience of comparing bitlocker with TDE, but I hope someone else can chime in on that point.

    And don't forget to install SP2!


    Erland Sommarskog, SQL Server MVP, esquel@sommarskog.se
    Saturday, April 19, 2014 4:46 PM