These sequential read and write rates appear to be purposely throttled and are consistent in my testing on multiple systems with various types of storage. The data is then encrypted with your chosen encryption algorithm, and then written back out to the data file at about 55MB/per second (per data file, if they are on separate logical drives). The initial TDE encryption scan for a user database will use one background CPU thread per data file in the database (if the data files are located on separate logical drives), to slowly read the entire contents of the data file into memory at the rate of about 52MB/second per data file (if the data files are located on separate logical drives).
This protects your data from someone getting access to those database or database backup files as long as that person doesn’t also have access to your encryption certificates and keys. Transparent Data Encryption (TDE) is SQL Server’s form of encryption at rest, which means that your data files, log file, tempdb files, and your SQL Server full, differential, and log backups will be encrypted when you enable TDE on a user database. As an introduction, I’ll cover some the highlights of several of these security features. Some of these security features can have performance implications that you should be aware of as you decide which ones you want to implement. Microsoft has a number of security features in SQL Server 2017 that are useful for different purposes, depending on what you are trying to protect and what threat(s) you are trying to protect against.
0 kommentar(er)
