Sql server 2012_sp1_03_of_12_organizational_compliance_level300_dark_deck


  1. 1. ORGANIZATIONAL COMPLIANCE: MISSION CRITICAL CONFIDENCE
  2. 2. THE FANTASTIC 12 OF 2012
  3. 3. ORGANIZATIONAL SECURITY & COMPLIANCE: HELP ENABLE SECURITY & COMPLIANCE WITH BUILT-IN SECURITY & IT CONTROLS
  4. 4. AUDIT SUPPORTED ON ALL SKUS
       • Basic Audit on all SKUs
       • Server Audit Specs only
       • DB Audit Specs for Enterprise
       • No longer need SQLTrace
       • Enjoy advantages of Audit
       • Performance
       • Multiple Audits and multiple targets
       • Persist state
       • Audit Resilience
  5. 5. IMPROVED RESILIENCE
  6. 6. AUDIT WRITE FAILURE (SHUTDOWN)
  7. 7. T-SQL STACK INFORMATION
  8. 8. USER-DEFINED AUDIT EVENT
       exec sp_audit_write 1234, 1, N'Payroll record changed!'
  9. 9. RECORD FILTERING
  10. 10. AUDIT PERFORMANCE
       • Depends upon: the workload; what's being audited
       • Comparison of SQL Server Audit against SQL Trace for 5 different typical customer workloads…
  11. 11. OTHER THINGS YOU SHOULD KNOW
       • Parameterized queries
       • Audit Xevent Sessions may not be manipulated by Xevent DDL.
       • Audit logs are not encrypted or compressed
       • Audit events are fired with permission checks
       • Writing to files is much faster than to the event log
       • No auditing of result sets
  12. 12. OTHER THINGS YOU SHOULD KNOW
       • Both Audit and Audit Specifications have STATE parameters.
       • Can only change state outside user transaction.
       • All other audit changes can be done in a transaction, but with Audit or Audit Specification OFF.
  13. 13. SECURELY AND EASILY TRACK DB ACTIVITY
       • Consider SQL Server Audit for all security auditing requirements and leverage the 2012 enhancements
       • Carefully devise a strategy for what needs to be audited and where to send the audit information based on security and performance needs
       • Monitor administrator activity and prevent tampering of the logs.
  14. 14. EXTENDED EVENTS REFRESHER
       • Real-time data capture
       • No performance penalty
       • Based on Event Tracing for Windows (ETW)
       • Full programmability support
  15. 15. EXTENDED EVENTS OBJECT MODEL
       • Packages
       • Events and Actions
       • Filters and Predicates
       • Sessions
       • Targets
  16. 16. PACKAGES IN SQL SERVER 2012
  17. 17. WHAT DOES THAT GIVE ME?
       • Errors reported
       • Non-yielding schedulers
       • Deadlocks
       • Internal and external wait info
       • sp_server_diagnostics output
       • Persisted to file or in memory
  18. 18. VIEWING A REAL-TIME SNAPSHOT OF SYSTEM_HEALTH
       SELECT CAST(xet.target_data AS xml)
       FROM sys.dm_xe_session_targets xet
       JOIN sys.dm_xe_sessions xe
         ON (xe.address = xet.event_session_address)
       WHERE xe.name = 'system_health'
  19. 19. WHAT OTHER THINGS CAN YOU LOOK AT?
       • SQLserver Package
           • Page splits – see Jonathan Kehayias blog
           • auto_stats
           • begin / end transaction
           • Over 500 different items!
       • SQLOS Package
           • wait_info
           • wait_info_external
           • spinlock_backoffs
           • Sixty different items
  20. 20.
       • SQL Server delivers industry-leading security (3rd party white paper)
       • SQL Server delivers industry-leading security (3rd party white paper – updated to include Windows Server)
       • SQL Server Security Best Practice – Operational and Administrative Tasks
       • SQL Server Label Security Toolkit for Classified Databases Codeplex
       • SQL Server Label Security Toolkit for Classified Databases Whitepaper
       • SQL Server Data Masking Toolkit Codeplex
       • SQL Server Security Public Web Site
       • SQL Server Engine Security Blog
       • PCI 2.0 Compliance with SQL Server
       • HIPAA Compliance with SQL Server
       • SQL Server Separation of Duties for Application Developer
       • SQL Server Separation of Duties for DBA
       • SQL Server in FIPS 140-2-compliance mode
       • Enterprise Policy Management Framework with SQL Server
  21. 21. © 2011 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
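
The audit features named on slides 6, 8, 9 and 12 (write-failure behaviour, user-defined audit events, record filtering, STATE changes), put together as an added T-SQL example that is not part of the original deck. The audit and specification names, the file path and the second event id are hypothetical.

```sql
-- Added example, not from the deck. Audit_PayrollDemo, AuditSpec_PayrollDemo,
-- C:\SQLAudit\ and event id 4321 are assumed names/values for illustration.
USE master;
GO

-- File target (slide 11: writing to files is much faster than to the event log).
-- ON_FAILURE controls what happens when an audit record cannot be written:
--   CONTINUE       = keep running without auditing
--   FAIL_OPERATION = fail only the action that would have been audited
--   SHUTDOWN       = stop the instance (slide 6)
-- The WHERE clause is the record filter (slide 9): only matching records
-- reach the target.
CREATE SERVER AUDIT Audit_PayrollDemo
TO FILE (FILEPATH = N'C:\SQLAudit\', MAXSIZE = 100 MB, MAX_ROLLOVER_FILES = 10)
WITH (QUEUE_DELAY = 1000, ON_FAILURE = FAIL_OPERATION)
WHERE user_defined_event_id = 1234;
GO

-- STATE can only be changed outside a user transaction (slide 12).
ALTER SERVER AUDIT Audit_PayrollDemo WITH (STATE = ON);
GO

-- A server audit specification is enough here, so this part does not depend
-- on database audit specifications (slide 4).
CREATE SERVER AUDIT SPECIFICATION AuditSpec_PayrollDemo
FOR SERVER AUDIT Audit_PayrollDemo
ADD (USER_DEFINED_AUDIT_GROUP)
WITH (STATE = ON);
GO

-- Application code raises its own audit events (slide 8).
EXEC sp_audit_write 1234, 1, N'Payroll record changed!';     -- passes the filter
EXEC sp_audit_write 4321, 1, N'Unrelated application event'; -- dropped by the filter
GO

-- QUEUE_DELAY = 1000 makes writes asynchronous, so allow the queue to flush.
WAITFOR DELAY '00:00:02';

-- Read the audit file back; only the 1234 event should be present.
SELECT event_time,
       server_principal_name,
       succeeded,
       user_defined_event_id,
       user_defined_information
FROM sys.fn_get_audit_file(N'C:\SQLAudit\Audit_PayrollDemo*.sqlaudit', DEFAULT, DEFAULT)
ORDER BY event_time;
```

Because audit logs are not encrypted or compressed (slide 11), restrict NTFS permissions on the target folder to the SQL Server service account and the reviewers who read the files.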
