azure sql database overviewdownload.microsoft.com/download/c/f/f/cff0a653-6cd...sql db is phasing...

DBI B306

•

•

•

• Built for SaaS and Enterprise applications

• Predictable performance & Pricing

• Elastic database pool for unpredictable SaaS workloads

• 99.99% availability built-in

• Geo-replication and restore services for data protection

• Secure and compliant for your sensitive data

• Fully compatible with SQL Server 2014 databases

Fully managed SQL database service so you can focus on your business

80 B / every day

Customer requests

processed

350 M /

every day

Logins

1.6 M / as of

today

Database in use

25 M / per day

Database hours

133countries

Use of Azure SQL DB

114 k

Single customer

application with DB

ISVs and SaaS Enterprise Apps

Serving Customer

Enterprise Apps

Serving Employees

快速开发部署移动App

Compute

Wri

tes R

ead

s

Memory

• Basic Standard Premium

B S0 S1

S2 S3

P2

P6

P1

常用数据库扩展形式

Azure SQL Database扩展选择方案

Vertical: Scale up or scale down

Horizontal: Scale out or scale in

Scale out/in

Sca

le u

p/d

ow

n

Premium

Basic

Standard

Basic Basic Basic

Premium

SQL DB

V12

FedRAMP, ISO, HIPPA, PCI, EU MC, UK G-Cloud

Encryption Type Type Customer Value

Encryption-In-Transit TLS from Client to Server

TLS = Transport Layer Security

Protects data between client and server against snooping & man-in-the-middle attacks.

SQL DB is phasing out SSL 3.0 and TLS 1.0 in favor of TLS 1.2.

Encryption-At-Rest TDE for SQL DB

TDE = Transparent Data Encryption

Protects data on disk. Key management done by Azure.

Makes it easier to obtain compliance.

Encryption-End-To-End Client-side column encryption for SQL

DB (library available for download)

Data protected end-to-end but application is aware of encrypted columns.

Used in the absence of data masking and TDE for compliance related scenarios.

Database Files,

Backups, Tx Log,

TempDB

Customer Data

In-Transit At-Rest End-To-End

数据加密

Encrypted at rest, in flight, and while in use

SQL Server does not have the keys (nor does it

need the keys)

Keep application changes to a minimum

Encryption/decryption of data done transparently in

TCE-enabled client driver

Support for equality operations (include joins) on

encrypted data

Azure manages encryption keys

All customer data encrypted at rest

SQL Database

Fine-grained access control over specific rows in a

database table

Help prevent unauthorized access when multiple users

share the same tables, or to implement connection

filtering in multitenant applications

Administer via SQL Server Management Studio or SQL

Server Data Tools

Enforcement logic inside the database and schema

bound to the table.

Protect data privacy by ensuring the right access across rows

Row-level security

SQL Database

Customer 1

Customer 2

Customer 3

Configuration made easy in the new Azure

portal

Policy-driven at the table and column level, for

a defined set of users

Data masking applied in real-time to query

results based on policy

Multiple masking functions available (e.g. full,

partial) for various sensitive data categories

(e.g. Credit Card Numbers, SSN, etc.)

Prevent the abuse of sensitive data by

hiding it from users

SQL Database

Table.CreditCardNo

4465-6571-7868-5796

4468-7746-3848-1978

4484-5434-6858-6550

Real-time data masking; partial masking

Geo-Restore Geo-Redundant

Backups RPO < 1 hour

Recovery Time

Minutes to Hours

Geo-Replication Asynchronous

Replication RPO < 5 seconds

Recovery Time

< 30 seconds

Point in time restore Continuous backup Restore to any-

point

Recovery Time

Minutes to Hours

Accidental Database

deletion Tail-end backup

Restore to point of

deletion

Recovery Time

Minutes to Hours

PREVIEW

• Elastic databases, Elastic database pools

• Pooled resources leveraged by many databases

• Standard elastic pool provides 100-1200* DTUs for up to 200* databases

• Elastic Standard databases can burst up to 100 DTUs (S3 level)

• Created/configure pool via portal, PowerShell, REST APIs

• Move databases in/out using portal, PowerShell, REST APIs, T-SQL

• Databases remain online throughout

• Monitoring and alerting is available on both pool and databases

*Additional pricing tiers may be introduced, and the ranges and limits may be increased during the preview

Max per-database burst level

https://channel9.msdn.com/Events/Ignite/Microsoft-Ignite-China-2015

http://aka.ms/IgniteChina2015