Windows Server 2008 Data Security

  
 

Data security is a key requirement in any data services solution, and Windows
Server 2008 and SQL Server 2008 combine to provide an end-to-end data protection through a powerful collection based on encryption technology. .

Windows Server 2008 relies on built-in IP Security (IPSec) support to provide encrypted data transfer over a network connection.

Windows Server 2008 provides an enhanced IPSec implementation that simplifies configuration and reduces administrative overhead.

































format.

Why use NTFS?

Compression: Includes the ability to compress or decompress drives, folders, or specific files.

File Encryption: It greatly enhances security.

Better scalability: Partitioning NTFS partitions is much larger than FAT partitions. When partition size increases, NTFS performance does not degrade, and in this case FAT performance is degraded.

Recover logging of disk activity; it allows NTFS to recover information as soon as possible after a power outage or other system problem.

Installing NTFS is required to install domain controllers and Active Directory.

Remote Storage: Extends disk space by making removable media (such as tape) more accessible.

Disk Quota: Can be used to monitor and control the amount of disk space used by a single user.

Windows Server 2008, NTFS for transactions, allows all operations in the NTFS file system to be controlled in a single transaction, allowing the operating system services to join a transaction through the new kernel transaction manager.

Server 2008 The FILESTREAM data type allows large binary data, such as documents and images, to be stored directly into an NTFS file system; documents and images are still a major part of the database and maintain transactional consistency.

FILESTREAM allows traditional large database-managed binary data to be stored as separate files outside of the database, which can be accessed using an NTFS streaming API. Use the NTFS Streaming API to enable normal file operations to be performed efficiently, while providing all the rich database services, including security and backup.

NTFS for transactions can also communicate with MS DTC (Distributed Transaction Center). In this way, the application can be composed of database calls, as well as file system operations (such as document management systems). This transaction function is built on the SMB 2.0 (Server Message Module) protocol, so a distributed file operation can be included in a single transaction.

TDE:

Transparent Data Encryption (TDE) in SQL Server 2008, you can choose to use cell-level encryption as in SQL Server 2005, or use TDE for full database-level encryption. Or file-level encryption provided by Windows.

It is designed to provide static protection for the entire database without affecting existing applications. Encrypting a database has traditionally involved complex application changes, such as modifying table schemas, removing functions, and significant performance degradation.

TDE simply encrypts everything, all data types, keys, indexes, and so on, all of which can be used without sacrificing security or leaking information on the disk.

TDE is file-level and is similar to two Windows features: File Encryption System (EFS) and Drive Disk Encryption.

TDE does not replace cell-level encryption, EFS or BitLocker. TDE is suitable for large amounts of encryption, and it can meet regulatory compliance or public data security standards.

TDE protects data when data files or backup files are accessed and copied. When the support for hardware security modules is combined with it, TDE provides an effective way to protect the data stored in the database in the desktop

. This encryption ensures that when the computer is lost or stolen, the database cannot be opened without the corresponding secure hardware module. To better protect data, Windows Server 2008 provides enhanced Microsoft BitLocker driver encryption technology that can be used to encrypt all hardware disks in your computer.

SQL Server 2008 extends this capability further by providing support for encrypted database connections, protecting data as it travels over the network, and providing new, powerful Display Data Encryption (TDE) capabilities. TDE encrypts the data in the database and backup files without having to make any changes to the client application that accesses this data.

Summary:

SQL Server 2008 and Windows Server 2008 combine to provide a compelling solution for security, compliance and high availability.

Copyright © Windows knowledge All Rights Reserved