Warwick Rudd | Principal Consultant – consulting.com.au #456 | Auckland 2015 Mission Critical SQL Server.

1 www.sqlmastersconsulting.com.au Warwick Rudd | Principal Consultant – Warwick@sqlmastersconsulting.com.au #456 | Auckland 2015 Mission Critical SQL Server and You

2 Warwick@sqlmastersconsulting.com.au www.sqlmastersconsulting.com.au @Warwick_Rudd

3 Abstract Mission Critical systems require High Availability, High Performance & High Security of the data, which is the most important part of your company. Could you survive if your environment did not have these? In this session I will look at the options available to you to meet your High Availability, High Performance & High Security requirements using some of the new and enhanced features being released in SQL Server 2016 to build better mission critical environments.

4 Goals
- Arm you with the knowledge of options available to meet your Mission Critical system requirements
- Understand the 3 pillars that make up a SQL Server Mission Critical System
- Provide you the ability to lead a discussion on designing and implementing a SQL Server Mission Critical System in your environment

5 Mission Critical SQL Server

6 Mission Critical SQL Server: Availability, Performance, Security

7 Availability / Disaster Recoverability

8 Availability / Disaster Recoverability Recovery Point Objectives Recovery Time Objectives Up-Time Recovery Level Objectives Single Site Multi-Site Technologies SQL Server Version SQL Server Edition Failover Operating System Failures Hardware Failures Database Failures Malicious Attacks Disasters Accidental Data loss Nines Accessibility Workloads

9 Availability / Disaster Recoverability
2005 / 2008 / 2008 R2 | 2012 / 2014 | 2016
- Failover Clustering
- Database Mirroring
- Replication
- Transaction Log Shipping
- AlwaysOn Availability Groups

10 Performance

11 Performance Memory Operating System Support Response Time Transactions/sec CPU 32 Bit Waits Statistics Fragmentation Flash Storage Hardware Blocking 64 Bit SSD Restore times Reads/Writes Latency Batches/sec Compression Indexes Stored Procedures

12 Performance
2005 / 2008 / 2008 R2 | 2012 / 2014 | 2016
- Backup Compression
- Data Compression
- Online Index Operations
- Partitioning
- Resource Governor
- Snapshot Isolations
- Buffer Pool Extension
- Clustered Columnstore Indexes
- In-Memory OLTP
- Managed Lock Priority
- Non Clustered Columnstore Indexes
- Single Partition Online Index Rebuild

13 Security

14 Security Auditing Credentials Backup Encryption Windows Authentication Compliance Separation of Duties Logins Firewalls Transport Security Surface Area Securables Certificates SQL Authentication Accounts Passwords Permissions Data Encryption

15 Security
2005 / 2008 / 2008 R2 | 2012 / 2014 | 2016
- Common Criteria Compliance
- C2 Audit
- Data Encryption Key Management
- Extended Events
- SQL Server Audit
- TDE
- Windows Integrated Authentication
- Contained Databases
- Backup Encryption

16 SQL Server 2016

17 SQL Server 2016

Availability
Enhanced AlwaysOn
- Automatic failover based on DB Health
- Cross Domain Support
- DTC Support
- Round robin load balancing of replicas
- SSIS Support
- GMSA support

Performance
Operational Analytics
- Disk & In-memory OLTP tables
In-memory OLTP
- Increased T-SQL surface area
- Increased supported memory
- Increased number of parallel CPUs
Query data store
- Monitor and optimize query plans
Native JSON
- Expanded support for JSON data
Temporal Databases
- Query data as points in time

Security
Always Encrypted
- Sensitive data remains encrypted at all times
Row-level Security
- Applies fine grained access control to table rows
Dynamic Data masking
- Real-time obfuscation of data to prevent unauthorised access
Other Enhancements
- Audit success/failure of database operations
- TDE support for In-memory OLTP tables
- Enhanced auditing for OLTP with ability to track history of record changes

18 Availability

20 2016 Enhanced AlwaysOn Availability Groups
Unified HA Solution (diagram labels: AG_Listener, Synchronous data Movement, Asynchronous data Movement)
Replicas in the AG:
- Brisbane (Primary)
- Sydney (Secondary)
- Melbourne (Secondary)
- Adelaide (Secondary)
- Perth (Secondary)
Read_Only_Routing_List = (('Sydney', 'Melbourne', 'Adelaide'), 'Perth')
Enhancements:
- DTC Support
- DB Health Failover Support
- GMSA
- X Domain Support
- Enhanced Online Operations

21 Performance

23 2016 Operational Analytics Traditional Operational Analytics Architecture BI analysts

24 2016 Operational Analytics
Operational Analytics Architecture (diagram label: BI analysts)
Benefits
- No data latency
- No ETL
- No separate data warehouse
Challenges
- Analytics queries are resource intensive and can cause blocking
- Minimizing impact on operational workloads
- Sub-optimal execution of analytics on relational schema

25 2016 Operational Analytics
How is this achieved?
- RCSI: Allows OLTP workloads to run against the rowstore
- CCI: Allows the Analytics workloads to run against the columnstore
- Readable AGs: Allows the offload of Analytic workloads for mission critical workloads

26 2016 In-memory OLTP Enhancements
- Alter Support: Full schema change support
- Surface area Improvements: Almost full T-SQL coverage
- Improved Scaling: Increased size of Durable tables

27 2016 Query Store
Durability latency controlled by DB option DATA_FLUSH_INTERVAL_SECONDS
Diagram labels: Compile, Execute, Plan Store, Runtime Stats, Query Store Schema

28 2016 Query Store
Benefits
- Stability: Provides the ability to maintain stability when upgrading
- Investigation: Provides the ability to investigate changes to the environment
- Live Stats: Provides the ability to collect metrics while the query is running

29 Security

31 2016 Always Encrypted
Benefits
- Prevents Data Disclosure: DB never has encryption keys
- Queries on Encrypted Data: Supports a variety of Joins, Group By's and Distinct operators
- Application Transparency: Minimal application changes

32 2016 Always Encrypted
Diagram labels: Trusted Apps, Enhanced ADO.NET Library, Column Master Key, Column Encryption Key, Client side, SQL Server, ciphertext

Query as issued by the trusted app:
    SELECT Name FROM Patients WHERE SSN=@SSN
    @SSN='198-33-0987'
Query as received by SQL Server:
    SELECT Name FROM Patients WHERE SSN=@SSN
    @SSN=0x7ff654ae6d
Result Set: Name = Jack Daniels

dbo.Patients (plaintext, as seen by the trusted app)
    Name          SSN          Country
    Jane Doe      243-24-9812  USA
    Jack Daniels  198-33-0987  USA
    John Smith    123-82-1095  USA

dbo.Patients (as stored in SQL Server)
    Name          SSN           Country
    Jane Doe      1x7fg655se2e  USA
    Jack Daniels  0x7ff654ae6d  USA
    John Smith    0y8fj754ea2c  USA

33 2016 Always Encrypted
Types of Encryption

Randomized encryption
    Encrypt('123-45-6789') = 0x17cfd50a
    Repeat: Encrypt('123-45-6789') = 0x9b1fcf32
- Allows for transparent retrieval of encrypted data but NO operations
- More secure

Deterministic encryption
    Encrypt('123-45-6789') = 0x85a55d3f
    Repeat: Encrypt('123-45-6789') = 0x85a55d3f
- Allows for transparent retrieval of encrypted data AND equality comparison
- E.g. in WHERE clauses and joins, distinct, group by
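
How the two encryption types on slide 33 are chosen per column, as an added example that is not from the original deck. The column encryption key name CEK_Patients, the PatientId and BirthDate columns, and the column sizes are assumptions; the key must already exist, with its column master key held outside SQL Server.

```sql
-- Added example, not from the slides. CEK_Patients is an assumed, pre-created
-- column encryption key; PatientId and BirthDate are assumed columns.
CREATE TABLE dbo.Patients (
    PatientId INT IDENTITY(1,1) PRIMARY KEY,
    Name      NVARCHAR(60) NOT NULL,
    -- Deterministic: equal plaintexts give equal ciphertexts, so the server can
    -- evaluate SSN = @SSN. Character columns need a BIN2 collation for this.
    -- Trade-off: repeated values are visible as repeated ciphertexts.
    SSN       CHAR(11) COLLATE Latin1_General_BIN2
              ENCRYPTED WITH (COLUMN_ENCRYPTION_KEY = CEK_Patients,
                              ENCRYPTION_TYPE = DETERMINISTIC,
                              ALGORITHM = 'AEAD_AES_256_CBC_HMAC_SHA_256') NOT NULL,
    -- Randomized: ciphertext differs on every write; retrieval only, no
    -- comparisons, joins or grouping on the server.
    BirthDate DATE
              ENCRYPTED WITH (COLUMN_ENCRYPTION_KEY = CEK_Patients,
                              ENCRYPTION_TYPE = RANDOMIZED,
                              ALGORITHM = 'AEAD_AES_256_CBC_HMAC_SHA_256') NOT NULL,
    Country   NVARCHAR(30) NOT NULL
);
GO

-- Equality lookup from slide 32. The value must travel as a parameter from a
-- client with "Column Encryption Setting=Enabled" (in SSMS, with
-- Parameterization for Always Encrypted turned on) so the driver encrypts it.
DECLARE @SSN CHAR(11) = '198-33-0987';
SELECT Name FROM dbo.Patients WHERE SSN = @SSN;
GO

-- Review which columns are protected, with which type and key.
SELECT c.name AS column_name,
       c.encryption_type_desc,
       k.name AS column_encryption_key
FROM sys.columns AS c
LEFT JOIN sys.column_encryption_keys AS k
       ON k.column_encryption_key_id = c.column_encryption_key_id
WHERE c.object_id = OBJECT_ID(N'dbo.Patients');
```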

34 2016 Row-Level Security
Benefits
- Fine-grained access control: Multi-tenancy table separation
- Application Transparency: No app changes required to implement
- Centralized security logic: Maintained in DB and is schema bound

35 2016 Row-Level Security
One: Policy manager creates filter predicate and security policy in T-SQL, binding the predicate to the Patients table

    -- Predicate: returns a row only when the caller is on duty in the given wing.
    -- Schema-bound functions must reference tables by two-part name.
    CREATE FUNCTION dbo.fn_securitypredicate(@wing int)
    RETURNS TABLE
    WITH SCHEMABINDING
    AS
    RETURN SELECT 1 AS [fn_securitypredicate_result]
           FROM dbo.StaffDuties d
           INNER JOIN dbo.Employees e ON (d.EmpId = e.EmpId)
           WHERE e.UserSID = SUSER_SID() AND @wing = d.Wing;
    GO
    -- Policy: applies the predicate to every read of the Patients table.
    CREATE SECURITY POLICY dbo.SecPol
        ADD FILTER PREDICATE dbo.fn_securitypredicate(Wing) ON dbo.Patients
        WITH (STATE = ON);

Diagram labels: Database, Policy Manager, Filter Predicate: INNER JOIN…, Security Policy, Application, Patients, Nurse

36 2016 Row-Level Security
Two: App user (e.g., nurse) selects from Patients table

    SELECT * FROM Patients

Diagram labels: Database, Policy Manager, Filter Predicate: INNER JOIN…, Security Policy, Application, Patients, Nurse

37 2016 Row-Level Security
Three: Security Policy transparently rewrites query to apply filter predicate

    SELECT * FROM Patients

is rewritten, as shown on the slide, to:

    SELECT * FROM Patients
    SEMIJOIN APPLY dbo.fn_securitypredicate(patients.Wing);

    SELECT Patients.* FROM Patients, StaffDuties d
    INNER JOIN Employees e ON (d.EmpId = e.EmpId)
    WHERE e.UserSID = SUSER_SID() AND Patients.wing = d.Wing;

Diagram labels: Database, Policy Manager, Filter Predicate: INNER JOIN…, Security Policy, Application, Patients, Nurse
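
The three steps above cover reads only. The following added example, which is not from the original deck, extends the slide's policy with block predicates for writes and then reviews and tests it. It assumes the objects from slide 35 exist and that a database user named NurseUser (hypothetical) maps to a login whose SID is stored in Employees.UserSID.

```sql
-- Added example, not from the slides. Assumes dbo.fn_securitypredicate,
-- dbo.SecPol and dbo.Patients from slide 35; NurseUser is a hypothetical user.

-- 1. A filter predicate hides rows on SELECT but does not stop a caller from
--    inserting a row for, or moving a row to, a wing they are not assigned to.
--    Block predicates reject those writes.
ALTER SECURITY POLICY dbo.SecPol
    ADD BLOCK PREDICATE dbo.fn_securitypredicate(Wing)
        ON dbo.Patients AFTER INSERT,
    ADD BLOCK PREDICATE dbo.fn_securitypredicate(Wing)
        ON dbo.Patients AFTER UPDATE;
GO

-- 2. Review what is enforced: one row per predicate, with its type
--    (FILTER or BLOCK), the operation it covers and the policy state.
SELECT p.name                           AS policy_name,
       p.is_enabled,
       p.is_schema_bound,
       OBJECT_NAME(sp.target_object_id) AS target_table,
       sp.predicate_type_desc,
       sp.operation_desc,
       sp.predicate_definition
FROM sys.security_policies   AS p
JOIN sys.security_predicates AS sp ON sp.object_id = p.object_id
ORDER BY p.name, sp.security_predicate_id;
GO

-- 3. Check the effect from the nurse's point of view: only wings with a
--    matching StaffDuties row should appear in the result.
EXECUTE AS USER = 'NurseUser';
SELECT Wing, COUNT(*) AS visible_rows
FROM dbo.Patients
GROUP BY Wing;
REVERT;
GO
```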

38 In Summary
2005 / 2008 / 2008 R2 | 2012 / 2014 | 2016
Availability
- Failover Clustering
- Database Mirroring
- Replication
- Transaction Log Shipping
- AlwaysOn Availability Groups
- AG Enhancements

39 In Summary
2005 / 2008 / 2008 R2 | 2012 / 2014 | 2016
Performance
- Backup Compression
- Data Compression
- Online Index Operations
- Partitioning
- Resource Governor
- Snapshot Isolations
- Buffer Pool Extension
- Clustered Columnstore Indexes
- In-Memory OLTP
- Managed Lock Priority
- Non Clustered Columnstore Indexes
- Single Partition Online Index Rebuild
- Operational Analytics
- In-memory OLTP Improvements
- Query Store

40 In Summary
2005 / 2008 / 2008 R2 | 2012 / 2014 | 2016
Security
- Common Criteria Compliance
- C2 Audit
- Data Encryption Key Management
- Extended Events
- SQL Server Audit
- TDE
- Windows Integrated Authentication
- Contained Databases
- Backup Encryption
- Always Encrypted
- Row level security

41 You Fourth Pillar

42 Questions ?

43 Thanks To The Sponsors

44 Thank You

