![]() ![]() The Luna Cloud HSM Service Client and Luna EKM must be setup on all nodes in the SQL server configuration that will be added to the Always On availability group. Optionally, secondary databases can be made available for read-only access and/or backup operations. An availability group supports a set of read-write primary databases and one to eight sets of corresponding secondary databases. An availability group supports a failover environment for a discrete set of user databases, known as availability databases that fail over together. Introduced in SQL Server 2012, Always On Availability Groups maximize the availability of a set of user databases for an enterprise. ![]() The Always On Availability Groups feature is a high-availability and disaster recovery solution that provides an enterprise-level alternative to database mirroring. The following diagram demonstrates the relationship between the database master key and the HSM devices in a Microsoft SQL configuration:Ībout Microsoft SQL Server High Availability (Always On) Microsoft SQL Server is a database platform for large-scale online transaction processing (OLTP), data warehousing, and e-commerce applications it is also a business intelligence platform for data integration, analysis, and reporting solutions. This integration is supported on the following operating systems: These integration guides use the following third party applications: We recommend you familiarize yourself with SQL server operations and basic HSM concepts to make full use of the integration. At this time, we recommend using a maximum RSA key length of 3072-bit. The issue has been reported to Microsoft technical support and we are awaiting a resolution. ![]() The integration testing identified an issue in TDE when encrypting the DEK using an RSA_4096 key. We recommend you use the Luna Cloud HSM for Microsoft SQL Server service for this integration. Configure your Microsoft SQL Server to use a Luna Cloud HSM Service to provide full key life-cycle management with FIPS-certified hardware and to reduce the cryptographic load on the host server CPU.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |