Presentation is loading. Please wait.

Presentation is loading. Please wait.

DBI401 Customer challenges Protect data-at-rest Transparent Data Encryption Data/Key separation Extensible Key Managements Use strong authentication.

Published byBeverley Collins Modified over 8 years ago

Similar presentations

Presentation on theme: "DBI401 Customer challenges Protect data-at-rest Transparent Data Encryption Data/Key separation Extensible Key Managements Use strong authentication."— Presentation transcript:

1

2 DBI401

3

4

5 Customer challenges Protect data-at-rest Transparent Data Encryption Data/Key separation Extensible Key Managements Use strong authentication Kerberos authentication enhancements Monitor all activity SQL Server Audit Detect non-compliant configurations Policy-Based Management Change Data Capture Industry Certification Common Criteria Certification (EAL4+) PROTECT DATA ENSURE COMPLIANCE CONTROL ACCESS

6

7

8 Default Schema for GroupsUser-Defined Server Roles

9 Group1 Default schema = schema1

10 CONTROL SERVER ALTER ANY LOGIN DBARole

11 demo

12 Audit supported on all SKUsImproved ResilienceUser-Defined Audit EventRecord FilteringT-SQL Stack Information

13 SQL Server Express

14 Select… Rollback

15 exec sp_audit_write 1234, 1, N‘Hello World’ @user_defined_event_id @succeeded @user_defined_info Audit Log

16 CREATE SERVER AUDIT audit_name TO { [ FILE ( [,...n ]) ] | APPLICATION_LOG | SECURITY_LOG } [ WITH ( [,...n ] ) ] [ FILTER = ] } … ::= { [ NOT ] | {( ) } [ { AND | OR } [ NOT ] { | ( ) } ] [,...n ] } Tightly constrain info written to Audit log ● Audit record generated but not written Leverages Xevent filtering

17 Audit Log hr.viewsalaryhr.viewsalary hr.payrollhr.payroll exec hr.viewsalary select salary from hr.payroll

18 demo

19

20 User=Alice; Pwd; IC=NormalDB Login User=Alice; Pwd; IC=CDB Contained User User=Alice; Pwd; IC=CDB Login (Contained user Alice exists) (Contained user Alice does not exist)

21 User=Domain\Alice; IC=NormalDB Login User=Domain\Alice; IC=CDB Login User=Domain\Alice; IC=CDB Contained User (Login Alice exists) (Login Alice does not exist)

22 demo

23 CREATE CERTIFICATE FROM BYTES4K certificates supported for importSMK/DMK default to AES256Key backups encrypted with AES256SHA2 (256 and 512) supportPassword hashes use SHA512RC4 deprecated

24 Required Slide Speakers, please list the Breakout Sessions, Interactive Discussions, Labs, Demo Stations and Certification Exam that relate to your session. Also indicate when they can find you staffing in the TLC.

25 SQL Server Database Security and Compliance portal Understanding SQL Server Audit Understanding Transparent Data Encryption Understanding Extensible Key Management SQL Server 2008 Security Security Enhancements Server Level Roles Designing and Implementing a Contained Database SQL Server “Denali” SQL Server Engine Security Blog SQL Server Security Forum Additional Resources

26 Required Slide Track PMs will supply the content for this slide, which will be inserted during the final scrub. Try the new SQL Server Mission Critical BareMetal Hand’s on-Labs Visit the updated website for SQL Server® Code Name “Denali” on www.microsoft.com/sqlserver and sign to be notified when the next CTP is available www.microsoft.com/sqlserver Follow the @SQLServer Twitter account to watch for updates Visit the SQL Server Product Demo Stations in the DBI Track section of the Expo/TLC Hall. Bring your questions, ideas and conversations! Microsoft® SQL Server® Security & ManagementMicrosoft® SQL Server® Optimization and Scalability Microsoft® SQL Server® ProgrammabilityMicrosoft® SQL Server® Data Warehousing Microsoft® SQL Server® Mission Critical Microsoft® SQL Server® Data Integration

27 Resources www.microsoft.com/teched Sessions On-Demand & CommunityMicrosoft Certification & Training Resources Resources for IT ProfessionalsResources for Developers www.microsoft.com/learning http://microsoft.com/technet http://microsoft.com/msdn http://northamerica.msteched.com Connect. Share. Discuss.

28

29 Scan the Tag to evaluate this session now on myTechEd Mobile

30

Download ppt "DBI401 Customer challenges Protect data-at-rest Transparent Data Encryption Data/Key separation Extensible Key Managements Use strong authentication."

Similar presentations

DBI402. SQL Server Specialist, Financial Industry Boston, MA Conference and INETA Speaker Connections, PASS, TechEd, DevTeach, etc. Author SQL Server.

DBI402. SQL Server Specialist, Financial Industry Boston, MA Conference and INETA Speaker Connections, PASS, TechEd, DevTeach, etc. Author SQL Server.
DBI403 Few Nodes Many Nodes SalesDB CustomerFederationeration CustomerFederation Federation Members Federation Root Federations.

DBI403 Few Nodes Many Nodes SalesDB CustomerFederationeration CustomerFederation Federation Members Federation Root Federations.
4/10/2017 2:53 PM SIM202 We Don't Need No Stinkin' GUI: Command-Line Capture Techniques (Remote Options) Laura Chappell Founder, Wireshark University Founder,

4/10/2017 2:53 PM SIM202 We Don't Need No Stinkin' GUI: Command-Line Capture Techniques (Remote Options) Laura Chappell Founder, Wireshark University Founder,
DBI 312. SELECT prod.. FROM Product,,,, WHERE ….

DBI 312. SELECT prod.. FROM Product,,,, WHERE ….
DEV333. Describe each main attack Demo how the attack works Fix our poor vulnerable application! Why Script Kiddies, Why? Click to Hack.

DEV333. Describe each main attack Demo how the attack works Fix our poor vulnerable application! Why Script Kiddies, Why? Click to Hack.
WCL211. A specialized Windows product portfolio. Licensing adapted to meet embedded scenarios. Supported by a specialized partner ecosystem Distributors.

WCL211. A specialized Windows product portfolio. Licensing adapted to meet embedded scenarios. Supported by a specialized partner ecosystem Distributors.
SIM201. Announcing… copyright chappellseminars.com some hosts comply; RST = closed no = response open some hosts comply; RST = closed no = response.

SIM201. Announcing… copyright chappellseminars.com some hosts comply; RST = closed no = response open some hosts comply; RST = closed no = response.
WSV304 Manual Deployment High cost Fully Automated Low cost.

WSV304 Manual Deployment High cost Fully Automated Low cost.
Sample Fill demo WorkflowServiceHostFactory Tracking Persistence Custom Behaviour Creation Endpoint Control Endpoint Exception Behaviour.

Sample Fill demo WorkflowServiceHostFactory Tracking Persistence Custom Behaviour Creation Endpoint Control Endpoint Exception Behaviour.
Self Assessment COS202 a-Expense.

Self Assessment COS202 a-Expense.
DBI331. Cube Measure Group Measure Partition Cube Dimension Dimension Attribute Relationship Hierarchy Level Cube Attribute Cube Hierarchy Measure.

DBI331. Cube Measure Group Measure Partition Cube Dimension Dimension Attribute Relationship Hierarchy Level Cube Attribute Cube Hierarchy Measure.
Auditing in Microsoft SQL Server 2012 Il-Sung Lee Program Manager Microsoft Corporation DBI407.

Auditing in Microsoft SQL Server 2012 Il-Sung Lee Program Manager Microsoft Corporation DBI407.
DBI305. 4 Buffered Queries with client-side resultsets & cursors Paging results (LIMIT-equivalent clause) Optimize Data Access for PHP Workloads.

DBI Buffered Queries with client-side resultsets & cursors Paging results (LIMIT-equivalent clause) Optimize Data Access for PHP Workloads.
DBI319. Demo SQL Server 2005 SP2 SQL Server 2008 SQL Server 2000 SP4 SQL Server 2008 R2 SQL Server 2008 SP2 SQL Server 2008 R2 SQL.

DBI319. Demo SQL Server 2005 SP2 SQL Server 2008 SQL Server 2000 SP4 SQL Server 2008 R2 SQL Server 2008 SP2 SQL Server 2008 R2 SQL.
DEV314. Entity Data Model demo Entity Data Model.

DEV314. Entity Data Model demo Entity Data Model.
DBI 309 The SQL Server Customer Advisory Team (SQL CAT) represents the customer-facing resources from the SQL Server Product Group. SQL CAT is comprised.

DBI 309 The SQL Server Customer Advisory Team (SQL CAT) represents the customer-facing resources from the SQL Server Product Group. SQL CAT is comprised.
DBI311. Existing NMS application Agent Existing NMS application Agent 0.5 KB/record 2500 records/ agent 10 agents = 25K r/s (12. 5 MB/s) 25K r/s.

DBI311. Existing NMS application Agent Existing NMS application Agent 0.5 KB/record 2500 records/ agent 10 agents = 25K r/s (12. 5 MB/s) 25K r/s.
WCL324 11.5M units by 2015 Designed to always be connected to a server-based desktop Examples of Thin Clients Typically runs a light-weight embedded.

WCL M units by 2015 Designed to always be connected to a server-based desktop Examples of Thin Clients Typically runs a light-weight embedded.
DBI308. What are SQL Server Fast Track Reference Configurations General Fast Track Recommendations Reference Configurations and Best Practices FT 3.0.

DBI308. What are SQL Server Fast Track Reference Configurations General Fast Track Recommendations Reference Configurations and Best Practices FT 3.0.
WCL309. Demo.

WCL309. Demo.

Similar presentations

Ads by Google