SlideShare a Scribd company logo
SQL Server in Azure IaaS,
Paas, on-Prem
Planning and Business Continuity
or more like
Take the Red or the Blue Pill
Lars Platzdasch
MCT,MCSE SQL, MCSE SharePoint
Sprecher:
Lars Platzdasch
Twitter
@LarsPlatzdasch
Xing
/Lars_Platzdasch
LinkedIn
LarsPlatzdasch
Web
www.platzdasch.de
www.3perspektiven.de
MCT: SQL, SharePoint, .net
MCSE: SQL Server Data Platform
MCSE: SharePoint
MCITP: SharePoint 2010, Administrator
MCITP: SharePoint 2010, Developer
Microsoft Certified Application Developer: .NET
Certified Ethical Hacker (CEH) - EC-Council
platzdasch netConsult GmbH & Co. KG | ISV
24/7 Support für SQL / SharePoint
3 Perspektiven GmbH | MBS
22 IT, 21 Jahre SQL Server, 14 Jahre SharePoint
Gold
About the Audience
• DBAs
• Developers
• SQL AlwaysOn Availability Groups
Experience?
• System Administrators
• Azure Lovers ;-)
• and …
The Plan
1. High Level Comparison to SQL Server
2. Most Important Slide about the differences
3. Drill into random interesting capabilities
4. Securing
5. Some demos
6. Tips for Iaas
Hosting Choices for SQL
Azure SQL DB is SQL Server Except…
Common SQL Server
“Just change the
connection
string…”
https://azure.microsoft.com/en-us/documentation/articles/sql-database-transact-sql-information/
Additional information on Differences:
Azure SQL DB
Demos
• Demo: Meet the Portal (portal.azure.com)
• Demo: Create a SQL Database
.
What’s the Same
1. Team
2. Core Code Base
3. Transact-SQL
▪ Yes, full support
▪ https://feedback.azure.com/
4. Most of the features
5. Mature
.
What’s Missing (or is it?) in Azure SQL DB
Category 1: Takes a Different Approach
▪ Example: SQL Agent
Category 2: On the way
▪ Network Support
▪ But in the works…
Category 3: No plan (?)
https://feedback.azure.com/
.
You access a DB
DB is fully managed: High Availability, Backups,
Patching
Runs latest SQL Server version, based on Enterprise ed.
New paradigm of databases and modern app
building
Different DB sizes: Basic (2GB, 5DTUs) to Premium
(1TB, 4000DTUs
DB availability SLA: 99.99% 4000DTUs .. Premium)
Azure SQL Database SQL Server in Azure VM
You access a VM with SQL Server
You manage SQL Server and Windows: High
Availability, Backups, Patching (automation
available)
You can run any SQL Server version and edition
Full on-premises compatibility
Different VM sizes: A0 (1 core, 1GB mem, 100GB)
to G5 ( .. )
VM availability SLA: 99.95%: In practice SQL
AlwaysOn provides higher availability (~99.99%)
Reuse on-premises infrastructure (e.g. Active
Directory)
Differences :
SQL Server View on ‘Managed’
Azure SQL Database
Low Control | Low Maintenance
Shared
Lowercost
Dedicated
Highercost
High Control | High Maintenance
Hybrid
Physical
Virtual
PaaS
SaaS
IaaS
On premises
Off premises
SQL Server
Physical Machines
SQL Server Private Cloud
Virtualized Machines
SQL Server in Azure VM
Virtualized Machines
Virtualized Databases
Cloud
Manageability ( Azure SQL DB )
1. Server Management so easy - not available!
▪ You control schema, indexes, users, etc. as usual
▪ PaaS model
2. 99.95% uptime SLA (one instance)
3. Geo-DR/FO/BC (Active/Passive)
4. Geo-Replication (Active/Active RO)
5. Backups, PiTR
.
DMV Views
(https://azure.microsoft.com/en-us/documentation/articles/sql-database-monitoring-with-dmvs/ )
DTU (https://docs.microsoft.com/de-de/azure/sql-database/sql-database-what-is-a-dtu )
eDTU ( elastic Pool DTU)
Performance ( Azure DB )
.
Data Throughput Unit
Data Throughput Unit
▪ http://dtucalculator.azurewebsites.net/
▪ Demo: DTU definition
https://azure.microsoft.com/en-
us/documentation/articles/sql-database-service-
tiers/#understanding-dtus
SQL / Space / DTU
Pools
Geo Repl
Pricing ( Azure DB )
Pricing in Tiers and Pools
▪ Demo: Pricing options
https://azure.microsoft.com/en-us/pricing/
▪ https://azure.microsoft.com/en-
us/documentation/articles/sql-database-
service-tiers/
Securing SQL Azure
“[Cloud security] is a shared
responsibility between the customer
and the cloud vendor.”
Mark Russinovich, Microsoft Azure CTO
https://www.rsaconference.com/writable/presentations/file_upload/exp-w01_assume-
breach-an-inside-look-at-cloud-service-provider-security.pdf
A Cautionary Tale: Code SpaceS
1. DDoS
2. Ransom demand
3. Security breach noticed
4. Fighting back
5. Malicious destruction
of assets
6. Security & Business #fail
“Code Spaces has a
full recovery plan that
has been proven to
work and is, in fact,
practiced.”
Data plane (data access)
vs. mgmt/control
plane (Portal, APIs,
PowerShell)ELAPSEDTIME:
12HOURShttp://arstechnica.com/security/2014/06/aws-console-breach-leads-to-demise-of-service-with-proven-backup-plan/
Risk Mitigation
Internet Exposed RDP or SSH Endpoints Network ACLs or Host-based Firewall; Strong passwords; VPN or SSH
Tunnels
Virtual Machine Missing Security Patches Keep Automatic Updates Enabled;
Web Application Vulnerability Securing Azure Web Applications; Vulnerability scan/penetration test
Weak Admin/Co-Admin Credentials Azure Multi-Factor Authentication; Subscription Management Certificate
Unrestricted SQL Endpoint Azure SQL Firewall
Storage Key Disclosure Manage Access to Storage Resources
Insufficient Security Monitoring Azure Security and Log Management;
Top Azure Risks Leading to Tenant
Breach
https://www.rsaconference.com/writable/presentations/file_upload/exp-w01_assume-
breach-an-inside-look-at-cloud-service-provider-security.pdf
SSO for Built-In Services
Use same AAD where makes sense across
• Azure
• Office 365
• Visual Studio Team Services
• Windows 10 (Intune)
• Azure SQL Database (!)
Prefer RBAC to Co-Admin
• Co-Admin only option on Classic Portal
• RBAC only available on portal.azure.com
• New portal support not 100%
• https://azure.microsoft.com/en-us/documentation/articles/role-based-access-built-in-
roles/
• https://azure.microsoft.com/en-us/documentation/articles/role-based-access-control-
configure/
RBAC : Role Based Access Control ( IAM )
1. Always Encrypted
2. TDE, CLE
3. Data Masking
4. Auditing
5. Firewall
Protecting Your SQL Database ( Demo )
Firewalls
• SQL DB Server
• Database Level: sp_set_firewall_rule
• Or SSMS beim Login
Data Masking
• Dynamic Data Masking:
• https://azure.microsoft.com/en-us/documentation/articles/sql-database-dynamic-data-masking-
get-started/
• Server-side
SQL DB Data Encryption Always Encrypted
• Transparent Data Encryption
• Server-side
• Always Encrypted:
https://azure.microsoft.com/en-
us/updates/public-preview-always-encrypted-
for-azure-sql-database/
• Client-side
• GEO-REPL
Backup / Point In Time Recovery
Disaster Recovery and Business Continuity
SQL Server Iaas
Some Best Practices (Azure Iaas)
• Start the deployment with Lower Specification.
• Use DS Series VMs and User Premium storage for higher
throughput
• Disable geo-redundant storage on the storage accounts.
• Enable read caching on the disks hosting the data files and
TempDB.
• Disable caching on the logs disk.
• Strip multiple disks to achieve higher IOPs.
• Move all databases to separate disks. (Not in OS disks)
• Disable autogrow
• Enable instant file initialization for data files.
•
•
•
•
Blue or Red?
Azure SQL Database SQL Server in Azure VM
Resources
• Pass or Iaas
https://docs.microsoft.com/en-us/azure/sql-
database/sql-database-paas-vs-sql-server-iaas
Q & A
Vielen Dank für eure
Zeit.
@LarsPlatzdasch
http://blog.platzdasch.de

More Related Content

What's hot

SQL Azure for ITPros
SQL Azure for ITProsSQL Azure for ITPros
SQL Azure for ITPros
Tobias Koprowski
 
Azure - Data Platform
Azure - Data PlatformAzure - Data Platform
Azure - Data Platform
giventocode
 
HA/DR options with SQL Server in Azure and hybrid
HA/DR options with SQL Server in Azure and hybridHA/DR options with SQL Server in Azure and hybrid
HA/DR options with SQL Server in Azure and hybrid
James Serra
 
Azure SQL Database
Azure SQL DatabaseAzure SQL Database
Azure SQL Database
rockplace
 
What's new in SQL Server 2017
What's new in SQL Server 2017What's new in SQL Server 2017
What's new in SQL Server 2017
Hasan Savran
 
Introducing Azure SQL Database
Introducing Azure SQL DatabaseIntroducing Azure SQL Database
Introducing Azure SQL Database
James Serra
 
Keep your environment always on with sql server 2016 sql bits 2017
Keep your environment always on with sql server 2016 sql bits 2017Keep your environment always on with sql server 2016 sql bits 2017
Keep your environment always on with sql server 2016 sql bits 2017
Bob Ward
 
KoprowskiT_Session2_SDNEvent_SourceControlForDBA
KoprowskiT_Session2_SDNEvent_SourceControlForDBAKoprowskiT_Session2_SDNEvent_SourceControlForDBA
KoprowskiT_Session2_SDNEvent_SourceControlForDBA
Tobias Koprowski
 
Getting Started with Azure SQL Database (Presented at Pittsburgh TechFest 2018)
Getting Started with Azure SQL Database (Presented at Pittsburgh TechFest 2018)Getting Started with Azure SQL Database (Presented at Pittsburgh TechFest 2018)
Getting Started with Azure SQL Database (Presented at Pittsburgh TechFest 2018)
Chad Green
 
Migrating Data and Databases to Azure
Migrating Data and Databases to AzureMigrating Data and Databases to Azure
Migrating Data and Databases to Azure
Karen Lopez
 
Azure SQL Database for the SQL Server DBA - Azure Bootcamp Athens 2018
Azure SQL Database for the SQL Server DBA - Azure Bootcamp Athens 2018 Azure SQL Database for the SQL Server DBA - Azure Bootcamp Athens 2018
Azure SQL Database for the SQL Server DBA - Azure Bootcamp Athens 2018
Antonios Chatzipavlis
 
KoprowskiT_SQLRelay2014#8_Birmingham_FromPlanToBackupToCloud
KoprowskiT_SQLRelay2014#8_Birmingham_FromPlanToBackupToCloudKoprowskiT_SQLRelay2014#8_Birmingham_FromPlanToBackupToCloud
KoprowskiT_SQLRelay2014#8_Birmingham_FromPlanToBackupToCloud
Tobias Koprowski
 
What’s new in SQL Server 2017
What’s new in SQL Server 2017What’s new in SQL Server 2017
What’s new in SQL Server 2017
James Serra
 
Experience SQL Server 2017: The Modern Data Platform
Experience SQL Server 2017: The Modern Data PlatformExperience SQL Server 2017: The Modern Data Platform
Experience SQL Server 2017: The Modern Data Platform
Bob Ward
 
Azure SQL Database Introduction by Tim Radney
Azure SQL Database Introduction by Tim RadneyAzure SQL Database Introduction by Tim Radney
Azure SQL Database Introduction by Tim Radney
Hasan Savran
 
Azure Cloud Dev Camp - Introduction
Azure Cloud Dev Camp - IntroductionAzure Cloud Dev Camp - Introduction
Azure Cloud Dev Camp - Introduction
giventocode
 
Azure Cosmos DB
Azure Cosmos DBAzure Cosmos DB
Azure Cosmos DB
Mohamed Tawfik
 
Azure data platform overview
Azure data platform overviewAzure data platform overview
Azure data platform overview
James Serra
 
Migrating Customers to Microsoft Azure: Lessons Learned From the Field
Migrating Customers to Microsoft Azure: Lessons Learned From the FieldMigrating Customers to Microsoft Azure: Lessons Learned From the Field
Migrating Customers to Microsoft Azure: Lessons Learned From the Field
Ido Flatow
 
Introduction to Windows Azure Data Services
Introduction to Windows Azure Data ServicesIntroduction to Windows Azure Data Services
Introduction to Windows Azure Data Services
Robert Greiner
 

What's hot (20)

SQL Azure for ITPros
SQL Azure for ITProsSQL Azure for ITPros
SQL Azure for ITPros
 
Azure - Data Platform
Azure - Data PlatformAzure - Data Platform
Azure - Data Platform
 
HA/DR options with SQL Server in Azure and hybrid
HA/DR options with SQL Server in Azure and hybridHA/DR options with SQL Server in Azure and hybrid
HA/DR options with SQL Server in Azure and hybrid
 
Azure SQL Database
Azure SQL DatabaseAzure SQL Database
Azure SQL Database
 
What's new in SQL Server 2017
What's new in SQL Server 2017What's new in SQL Server 2017
What's new in SQL Server 2017
 
Introducing Azure SQL Database
Introducing Azure SQL DatabaseIntroducing Azure SQL Database
Introducing Azure SQL Database
 
Keep your environment always on with sql server 2016 sql bits 2017
Keep your environment always on with sql server 2016 sql bits 2017Keep your environment always on with sql server 2016 sql bits 2017
Keep your environment always on with sql server 2016 sql bits 2017
 
KoprowskiT_Session2_SDNEvent_SourceControlForDBA
KoprowskiT_Session2_SDNEvent_SourceControlForDBAKoprowskiT_Session2_SDNEvent_SourceControlForDBA
KoprowskiT_Session2_SDNEvent_SourceControlForDBA
 
Getting Started with Azure SQL Database (Presented at Pittsburgh TechFest 2018)
Getting Started with Azure SQL Database (Presented at Pittsburgh TechFest 2018)Getting Started with Azure SQL Database (Presented at Pittsburgh TechFest 2018)
Getting Started with Azure SQL Database (Presented at Pittsburgh TechFest 2018)
 
Migrating Data and Databases to Azure
Migrating Data and Databases to AzureMigrating Data and Databases to Azure
Migrating Data and Databases to Azure
 
Azure SQL Database for the SQL Server DBA - Azure Bootcamp Athens 2018
Azure SQL Database for the SQL Server DBA - Azure Bootcamp Athens 2018 Azure SQL Database for the SQL Server DBA - Azure Bootcamp Athens 2018
Azure SQL Database for the SQL Server DBA - Azure Bootcamp Athens 2018
 
KoprowskiT_SQLRelay2014#8_Birmingham_FromPlanToBackupToCloud
KoprowskiT_SQLRelay2014#8_Birmingham_FromPlanToBackupToCloudKoprowskiT_SQLRelay2014#8_Birmingham_FromPlanToBackupToCloud
KoprowskiT_SQLRelay2014#8_Birmingham_FromPlanToBackupToCloud
 
What’s new in SQL Server 2017
What’s new in SQL Server 2017What’s new in SQL Server 2017
What’s new in SQL Server 2017
 
Experience SQL Server 2017: The Modern Data Platform
Experience SQL Server 2017: The Modern Data PlatformExperience SQL Server 2017: The Modern Data Platform
Experience SQL Server 2017: The Modern Data Platform
 
Azure SQL Database Introduction by Tim Radney
Azure SQL Database Introduction by Tim RadneyAzure SQL Database Introduction by Tim Radney
Azure SQL Database Introduction by Tim Radney
 
Azure Cloud Dev Camp - Introduction
Azure Cloud Dev Camp - IntroductionAzure Cloud Dev Camp - Introduction
Azure Cloud Dev Camp - Introduction
 
Azure Cosmos DB
Azure Cosmos DBAzure Cosmos DB
Azure Cosmos DB
 
Azure data platform overview
Azure data platform overviewAzure data platform overview
Azure data platform overview
 
Migrating Customers to Microsoft Azure: Lessons Learned From the Field
Migrating Customers to Microsoft Azure: Lessons Learned From the FieldMigrating Customers to Microsoft Azure: Lessons Learned From the Field
Migrating Customers to Microsoft Azure: Lessons Learned From the Field
 
Introduction to Windows Azure Data Services
Introduction to Windows Azure Data ServicesIntroduction to Windows Azure Data Services
Introduction to Windows Azure Data Services
 

Similar to Azure Boot Camp 21.04.2018 SQL Server in Azure Iaas PaaS on-prem Lars Platzdasch

The Evolution of SQL Server as a Service - SQL Azure Managed Instance
The Evolution of SQL Server as a Service - SQL Azure Managed InstanceThe Evolution of SQL Server as a Service - SQL Azure Managed Instance
The Evolution of SQL Server as a Service - SQL Azure Managed Instance
Javier Villegas
 
Microsoft Azure essentials
Microsoft Azure essentialsMicrosoft Azure essentials
Microsoft Azure essentials
Vaibhav Gujral
 
Microsoft Azure Platform-as-a-Service (PaaS)
Microsoft Azure Platform-as-a-Service (PaaS)Microsoft Azure Platform-as-a-Service (PaaS)
Microsoft Azure Platform-as-a-Service (PaaS)
Chris Dufour
 
Big App Workloads on Microsoft Azure - TechEd Europe 2014
Big App Workloads on Microsoft Azure - TechEd Europe 2014Big App Workloads on Microsoft Azure - TechEd Europe 2014
Big App Workloads on Microsoft Azure - TechEd Europe 2014
Brian Benz
 
O365Con18 - Running SharePoint on Azure Tips - Jared Shockley
O365Con18 -  Running SharePoint on Azure Tips - Jared ShockleyO365Con18 -  Running SharePoint on Azure Tips - Jared Shockley
O365Con18 - Running SharePoint on Azure Tips - Jared Shockley
NCCOMMS
 
Moving to the cloud; PaaS, IaaS or Managed Instance
Moving to the cloud; PaaS, IaaS or Managed InstanceMoving to the cloud; PaaS, IaaS or Managed Instance
Moving to the cloud; PaaS, IaaS or Managed Instance
Thomas Sykes
 
The Essentials of Building Cloud-Based Web Apps with Azure
The Essentials of Building Cloud-Based Web Apps with AzureThe Essentials of Building Cloud-Based Web Apps with Azure
The Essentials of Building Cloud-Based Web Apps with Azure
Ido Flatow
 
2014.11.14 Data Opportunities with Azure
2014.11.14 Data Opportunities with Azure2014.11.14 Data Opportunities with Azure
2014.11.14 Data Opportunities with Azure
Marco Parenzan
 
Azure SQL Database Managed Instance
Azure SQL Database Managed InstanceAzure SQL Database Managed Instance
Azure SQL Database Managed Instance
James Serra
 
Sql Azure
Sql AzureSql Azure
Sql Azure
Yves Goeleven
 
SQLSaturday#290_Kiev_WindowsAzureDatabaseForBeginners
SQLSaturday#290_Kiev_WindowsAzureDatabaseForBeginnersSQLSaturday#290_Kiev_WindowsAzureDatabaseForBeginners
SQLSaturday#290_Kiev_WindowsAzureDatabaseForBeginners
Tobias Koprowski
 
BizSpark Startup Night Windows Azure March 29, 2011
BizSpark Startup Night Windows Azure March 29, 2011BizSpark Startup Night Windows Azure March 29, 2011
BizSpark Startup Night Windows Azure March 29, 2011
Spiffy
 
AWS Enterprise Workloads on AWS IP Expo 2013
AWS Enterprise Workloads on AWS IP Expo 2013AWS Enterprise Workloads on AWS IP Expo 2013
AWS Enterprise Workloads on AWS IP Expo 2013
Amazon Web Services
 
Optimiser votre infrastructure SQL Server avec Azure
Optimiser votre infrastructure SQL Server avec AzureOptimiser votre infrastructure SQL Server avec Azure
Optimiser votre infrastructure SQL Server avec Azure
Swiss Data Forum Swiss Data Forum
 
Microsoft SQL Azure - Building Applications Using SQL Azure Presentation
Microsoft SQL Azure - Building Applications Using SQL Azure PresentationMicrosoft SQL Azure - Building Applications Using SQL Azure Presentation
Microsoft SQL Azure - Building Applications Using SQL Azure Presentation
Microsoft Private Cloud
 
Why you should(n't) run your databases in the cloud
Why you should(n't) run your databases in the cloudWhy you should(n't) run your databases in the cloud
Why you should(n't) run your databases in the cloud
Microsoft TechNet - Belgium and Luxembourg
 
NOVA SQL MeetUp Webinar Slides - June 5, 2020 Chris Seferlis - Azure SQL Mana...
NOVA SQL MeetUp Webinar Slides - June 5, 2020 Chris Seferlis - Azure SQL Mana...NOVA SQL MeetUp Webinar Slides - June 5, 2020 Chris Seferlis - Azure SQL Mana...
NOVA SQL MeetUp Webinar Slides - June 5, 2020 Chris Seferlis - Azure SQL Mana...
Timothy McAliley
 
Microsoft Azure News - 2019 April
Microsoft Azure News - 2019 AprilMicrosoft Azure News - 2019 April
Microsoft Azure News - 2019 April
Daniel Toomey
 
SPT15 To the Cloud! Utilizing AWS and Azure as Cloud Hosting Providers for Sh...
SPT15 To the Cloud! Utilizing AWS and Azure as Cloud Hosting Providers for Sh...SPT15 To the Cloud! Utilizing AWS and Azure as Cloud Hosting Providers for Sh...
SPT15 To the Cloud! Utilizing AWS and Azure as Cloud Hosting Providers for Sh...
Scott Hoag
 
Introduction to Microsoft Azure
Introduction to Microsoft AzureIntroduction to Microsoft Azure
Introduction to Microsoft Azure
Guy Barrette
 

Similar to Azure Boot Camp 21.04.2018 SQL Server in Azure Iaas PaaS on-prem Lars Platzdasch (20)

The Evolution of SQL Server as a Service - SQL Azure Managed Instance
The Evolution of SQL Server as a Service - SQL Azure Managed InstanceThe Evolution of SQL Server as a Service - SQL Azure Managed Instance
The Evolution of SQL Server as a Service - SQL Azure Managed Instance
 
Microsoft Azure essentials
Microsoft Azure essentialsMicrosoft Azure essentials
Microsoft Azure essentials
 
Microsoft Azure Platform-as-a-Service (PaaS)
Microsoft Azure Platform-as-a-Service (PaaS)Microsoft Azure Platform-as-a-Service (PaaS)
Microsoft Azure Platform-as-a-Service (PaaS)
 
Big App Workloads on Microsoft Azure - TechEd Europe 2014
Big App Workloads on Microsoft Azure - TechEd Europe 2014Big App Workloads on Microsoft Azure - TechEd Europe 2014
Big App Workloads on Microsoft Azure - TechEd Europe 2014
 
O365Con18 - Running SharePoint on Azure Tips - Jared Shockley
O365Con18 -  Running SharePoint on Azure Tips - Jared ShockleyO365Con18 -  Running SharePoint on Azure Tips - Jared Shockley
O365Con18 - Running SharePoint on Azure Tips - Jared Shockley
 
Moving to the cloud; PaaS, IaaS or Managed Instance
Moving to the cloud; PaaS, IaaS or Managed InstanceMoving to the cloud; PaaS, IaaS or Managed Instance
Moving to the cloud; PaaS, IaaS or Managed Instance
 
The Essentials of Building Cloud-Based Web Apps with Azure
The Essentials of Building Cloud-Based Web Apps with AzureThe Essentials of Building Cloud-Based Web Apps with Azure
The Essentials of Building Cloud-Based Web Apps with Azure
 
2014.11.14 Data Opportunities with Azure
2014.11.14 Data Opportunities with Azure2014.11.14 Data Opportunities with Azure
2014.11.14 Data Opportunities with Azure
 
Azure SQL Database Managed Instance
Azure SQL Database Managed InstanceAzure SQL Database Managed Instance
Azure SQL Database Managed Instance
 
Sql Azure
Sql AzureSql Azure
Sql Azure
 
SQLSaturday#290_Kiev_WindowsAzureDatabaseForBeginners
SQLSaturday#290_Kiev_WindowsAzureDatabaseForBeginnersSQLSaturday#290_Kiev_WindowsAzureDatabaseForBeginners
SQLSaturday#290_Kiev_WindowsAzureDatabaseForBeginners
 
BizSpark Startup Night Windows Azure March 29, 2011
BizSpark Startup Night Windows Azure March 29, 2011BizSpark Startup Night Windows Azure March 29, 2011
BizSpark Startup Night Windows Azure March 29, 2011
 
AWS Enterprise Workloads on AWS IP Expo 2013
AWS Enterprise Workloads on AWS IP Expo 2013AWS Enterprise Workloads on AWS IP Expo 2013
AWS Enterprise Workloads on AWS IP Expo 2013
 
Optimiser votre infrastructure SQL Server avec Azure
Optimiser votre infrastructure SQL Server avec AzureOptimiser votre infrastructure SQL Server avec Azure
Optimiser votre infrastructure SQL Server avec Azure
 
Microsoft SQL Azure - Building Applications Using SQL Azure Presentation
Microsoft SQL Azure - Building Applications Using SQL Azure PresentationMicrosoft SQL Azure - Building Applications Using SQL Azure Presentation
Microsoft SQL Azure - Building Applications Using SQL Azure Presentation
 
Why you should(n't) run your databases in the cloud
Why you should(n't) run your databases in the cloudWhy you should(n't) run your databases in the cloud
Why you should(n't) run your databases in the cloud
 
NOVA SQL MeetUp Webinar Slides - June 5, 2020 Chris Seferlis - Azure SQL Mana...
NOVA SQL MeetUp Webinar Slides - June 5, 2020 Chris Seferlis - Azure SQL Mana...NOVA SQL MeetUp Webinar Slides - June 5, 2020 Chris Seferlis - Azure SQL Mana...
NOVA SQL MeetUp Webinar Slides - June 5, 2020 Chris Seferlis - Azure SQL Mana...
 
Microsoft Azure News - 2019 April
Microsoft Azure News - 2019 AprilMicrosoft Azure News - 2019 April
Microsoft Azure News - 2019 April
 
SPT15 To the Cloud! Utilizing AWS and Azure as Cloud Hosting Providers for Sh...
SPT15 To the Cloud! Utilizing AWS and Azure as Cloud Hosting Providers for Sh...SPT15 To the Cloud! Utilizing AWS and Azure as Cloud Hosting Providers for Sh...
SPT15 To the Cloud! Utilizing AWS and Azure as Cloud Hosting Providers for Sh...
 
Introduction to Microsoft Azure
Introduction to Microsoft AzureIntroduction to Microsoft Azure
Introduction to Microsoft Azure
 

More from Lars Platzdasch

Lars Platzdasch SQL Konferenz 2019 SharePoint das fliegen lernen
Lars Platzdasch SQL Konferenz 2019 SharePoint das fliegen lernenLars Platzdasch SQL Konferenz 2019 SharePoint das fliegen lernen
Lars Platzdasch SQL Konferenz 2019 SharePoint das fliegen lernen
Lars Platzdasch
 
SQL Server PowerShell - Community Tools
SQL Server PowerShell - Community ToolsSQL Server PowerShell - Community Tools
SQL Server PowerShell - Community Tools
Lars Platzdasch
 
SQL AlwaysON for SharePoint HA/DR on Azure Global Azure Bootcamp 2017 Eisenac...
SQL AlwaysON for SharePoint HA/DR on Azure Global Azure Bootcamp 2017 Eisenac...SQL AlwaysON for SharePoint HA/DR on Azure Global Azure Bootcamp 2017 Eisenac...
SQL AlwaysON for SharePoint HA/DR on Azure Global Azure Bootcamp 2017 Eisenac...
Lars Platzdasch
 
SQL Server Alwayson for SharePoint HA/DR Step by Step Guide
SQL Server Alwayson for SharePoint HA/DR Step by Step GuideSQL Server Alwayson for SharePoint HA/DR Step by Step Guide
SQL Server Alwayson for SharePoint HA/DR Step by Step Guide
Lars Platzdasch
 
SharePoint 2016 das fliegen lernen - SQL Server Performance Optimierung
SharePoint 2016 das fliegen lernen - SQL Server Performance OptimierungSharePoint 2016 das fliegen lernen - SQL Server Performance Optimierung
SharePoint 2016 das fliegen lernen - SQL Server Performance Optimierung
Lars Platzdasch
 
SQL Server 2016 and SharePoint 2016 - Lars PLatzdasch - SQL Konferenz 2016
SQL Server 2016 and SharePoint 2016  - Lars PLatzdasch - SQL Konferenz 2016SQL Server 2016 and SharePoint 2016  - Lars PLatzdasch - SQL Konferenz 2016
SQL Server 2016 and SharePoint 2016 - Lars PLatzdasch - SQL Konferenz 2016
Lars Platzdasch
 
Optimizing SQL Server 2012 Deep dive for SharePoint 2013 Lars Platzdasch SQL ...
Optimizing SQL Server 2012 Deep dive for SharePoint 2013 Lars Platzdasch SQL ...Optimizing SQL Server 2012 Deep dive for SharePoint 2013 Lars Platzdasch SQL ...
Optimizing SQL Server 2012 Deep dive for SharePoint 2013 Lars Platzdasch SQL ...
Lars Platzdasch
 

More from Lars Platzdasch (7)

Lars Platzdasch SQL Konferenz 2019 SharePoint das fliegen lernen
Lars Platzdasch SQL Konferenz 2019 SharePoint das fliegen lernenLars Platzdasch SQL Konferenz 2019 SharePoint das fliegen lernen
Lars Platzdasch SQL Konferenz 2019 SharePoint das fliegen lernen
 
SQL Server PowerShell - Community Tools
SQL Server PowerShell - Community ToolsSQL Server PowerShell - Community Tools
SQL Server PowerShell - Community Tools
 
SQL AlwaysON for SharePoint HA/DR on Azure Global Azure Bootcamp 2017 Eisenac...
SQL AlwaysON for SharePoint HA/DR on Azure Global Azure Bootcamp 2017 Eisenac...SQL AlwaysON for SharePoint HA/DR on Azure Global Azure Bootcamp 2017 Eisenac...
SQL AlwaysON for SharePoint HA/DR on Azure Global Azure Bootcamp 2017 Eisenac...
 
SQL Server Alwayson for SharePoint HA/DR Step by Step Guide
SQL Server Alwayson for SharePoint HA/DR Step by Step GuideSQL Server Alwayson for SharePoint HA/DR Step by Step Guide
SQL Server Alwayson for SharePoint HA/DR Step by Step Guide
 
SharePoint 2016 das fliegen lernen - SQL Server Performance Optimierung
SharePoint 2016 das fliegen lernen - SQL Server Performance OptimierungSharePoint 2016 das fliegen lernen - SQL Server Performance Optimierung
SharePoint 2016 das fliegen lernen - SQL Server Performance Optimierung
 
SQL Server 2016 and SharePoint 2016 - Lars PLatzdasch - SQL Konferenz 2016
SQL Server 2016 and SharePoint 2016  - Lars PLatzdasch - SQL Konferenz 2016SQL Server 2016 and SharePoint 2016  - Lars PLatzdasch - SQL Konferenz 2016
SQL Server 2016 and SharePoint 2016 - Lars PLatzdasch - SQL Konferenz 2016
 
Optimizing SQL Server 2012 Deep dive for SharePoint 2013 Lars Platzdasch SQL ...
Optimizing SQL Server 2012 Deep dive for SharePoint 2013 Lars Platzdasch SQL ...Optimizing SQL Server 2012 Deep dive for SharePoint 2013 Lars Platzdasch SQL ...
Optimizing SQL Server 2012 Deep dive for SharePoint 2013 Lars Platzdasch SQL ...
 

Recently uploaded

Legislation And Regulations For Import, Manufacture,.pptx
Legislation And Regulations For Import, Manufacture,.pptxLegislation And Regulations For Import, Manufacture,.pptx
Legislation And Regulations For Import, Manufacture,.pptx
Charmi13
 
Artificial Intelligence, Data and Competition – ČORBA – June 2024 OECD discus...
Artificial Intelligence, Data and Competition – ČORBA – June 2024 OECD discus...Artificial Intelligence, Data and Competition – ČORBA – June 2024 OECD discus...
Artificial Intelligence, Data and Competition – ČORBA – June 2024 OECD discus...
OECD Directorate for Financial and Enterprise Affairs
 
Prsentation for VIVA Welike project 1semester.pptx
Prsentation for VIVA Welike project 1semester.pptxPrsentation for VIVA Welike project 1semester.pptx
Prsentation for VIVA Welike project 1semester.pptx
prafulpawar29
 
Gamify it until you make it Improving Agile Development and Operations with ...
Gamify it until you make it  Improving Agile Development and Operations with ...Gamify it until you make it  Improving Agile Development and Operations with ...
Gamify it until you make it Improving Agile Development and Operations with ...
Ben Linders
 
ServiceNow CIS-ITSM Exam Dumps & Questions [2024]
ServiceNow CIS-ITSM Exam Dumps & Questions [2024]ServiceNow CIS-ITSM Exam Dumps & Questions [2024]
ServiceNow CIS-ITSM Exam Dumps & Questions [2024]
SkillCertProExams
 
Proposal: The Ark Project and The BEEP Inc
Proposal: The Ark Project and The BEEP IncProposal: The Ark Project and The BEEP Inc
Proposal: The Ark Project and The BEEP Inc
Raheem Muhammad
 
The Intersection between Competition and Data Privacy – COLANGELO – June 2024...
The Intersection between Competition and Data Privacy – COLANGELO – June 2024...The Intersection between Competition and Data Privacy – COLANGELO – June 2024...
The Intersection between Competition and Data Privacy – COLANGELO – June 2024...
OECD Directorate for Financial and Enterprise Affairs
 
Pro-competitive Industrial Policy – OECD – June 2024 OECD discussion
Pro-competitive Industrial Policy – OECD – June 2024 OECD discussionPro-competitive Industrial Policy – OECD – June 2024 OECD discussion
Pro-competitive Industrial Policy – OECD – June 2024 OECD discussion
OECD Directorate for Financial and Enterprise Affairs
 
Why Psychological Safety Matters for Software Teams - ACE 2024 - Ben Linders.pdf
Why Psychological Safety Matters for Software Teams - ACE 2024 - Ben Linders.pdfWhy Psychological Safety Matters for Software Teams - ACE 2024 - Ben Linders.pdf
Why Psychological Safety Matters for Software Teams - ACE 2024 - Ben Linders.pdf
Ben Linders
 
The Intersection between Competition and Data Privacy – CAPEL – June 2024 OEC...
The Intersection between Competition and Data Privacy – CAPEL – June 2024 OEC...The Intersection between Competition and Data Privacy – CAPEL – June 2024 OEC...
The Intersection between Competition and Data Privacy – CAPEL – June 2024 OEC...
OECD Directorate for Financial and Enterprise Affairs
 
Artificial Intelligence, Data and Competition – SCHREPEL – June 2024 OECD dis...
Artificial Intelligence, Data and Competition – SCHREPEL – June 2024 OECD dis...Artificial Intelligence, Data and Competition – SCHREPEL – June 2024 OECD dis...
Artificial Intelligence, Data and Competition – SCHREPEL – June 2024 OECD dis...
OECD Directorate for Financial and Enterprise Affairs
 
原版制作贝德福特大学毕业证(bedfordhire毕业证)硕士文凭原版一模一样
原版制作贝德福特大学毕业证(bedfordhire毕业证)硕士文凭原版一模一样原版制作贝德福特大学毕业证(bedfordhire毕业证)硕士文凭原版一模一样
原版制作贝德福特大学毕业证(bedfordhire毕业证)硕士文凭原版一模一样
gpww3sf4
 
The Intersection between Competition and Data Privacy – KEMP – June 2024 OECD...
The Intersection between Competition and Data Privacy – KEMP – June 2024 OECD...The Intersection between Competition and Data Privacy – KEMP – June 2024 OECD...
The Intersection between Competition and Data Privacy – KEMP – June 2024 OECD...
OECD Directorate for Financial and Enterprise Affairs
 
BRIC_2024_2024-06-06-11:30-haunschild_archival_version.pdf
BRIC_2024_2024-06-06-11:30-haunschild_archival_version.pdfBRIC_2024_2024-06-06-11:30-haunschild_archival_version.pdf
BRIC_2024_2024-06-06-11:30-haunschild_archival_version.pdf
Robin Haunschild
 
Pro-competitive Industrial Policy – LANE – June 2024 OECD discussion
Pro-competitive Industrial Policy – LANE – June 2024 OECD discussionPro-competitive Industrial Policy – LANE – June 2024 OECD discussion
Pro-competitive Industrial Policy – LANE – June 2024 OECD discussion
OECD Directorate for Financial and Enterprise Affairs
 
Artificial Intelligence, Data and Competition – OECD – June 2024 OECD discussion
Artificial Intelligence, Data and Competition – OECD – June 2024 OECD discussionArtificial Intelligence, Data and Competition – OECD – June 2024 OECD discussion
Artificial Intelligence, Data and Competition – OECD – June 2024 OECD discussion
OECD Directorate for Financial and Enterprise Affairs
 
The Intersection between Competition and Data Privacy – OECD – June 2024 OECD...
The Intersection between Competition and Data Privacy – OECD – June 2024 OECD...The Intersection between Competition and Data Privacy – OECD – June 2024 OECD...
The Intersection between Competition and Data Privacy – OECD – June 2024 OECD...
OECD Directorate for Financial and Enterprise Affairs
 
ACTIVE IMPLANTABLE MEDICAL DEVICE IN EUROPE
ACTIVE IMPLANTABLE MEDICAL DEVICE IN EUROPEACTIVE IMPLANTABLE MEDICAL DEVICE IN EUROPE
ACTIVE IMPLANTABLE MEDICAL DEVICE IN EUROPE
Charmi13
 
怎么办理(lincoln学位证书)英国林肯大学毕业证文凭学位证书原版一模一样
怎么办理(lincoln学位证书)英国林肯大学毕业证文凭学位证书原版一模一样怎么办理(lincoln学位证书)英国林肯大学毕业证文凭学位证书原版一模一样
怎么办理(lincoln学位证书)英国林肯大学毕业证文凭学位证书原版一模一样
kekzed
 
Using-Presentation-Software-to-the-Fullf.pptx
Using-Presentation-Software-to-the-Fullf.pptxUsing-Presentation-Software-to-the-Fullf.pptx
Using-Presentation-Software-to-the-Fullf.pptx
kainatfatyma9
 

Recently uploaded (20)

Legislation And Regulations For Import, Manufacture,.pptx
Legislation And Regulations For Import, Manufacture,.pptxLegislation And Regulations For Import, Manufacture,.pptx
Legislation And Regulations For Import, Manufacture,.pptx
 
Artificial Intelligence, Data and Competition – ČORBA – June 2024 OECD discus...
Artificial Intelligence, Data and Competition – ČORBA – June 2024 OECD discus...Artificial Intelligence, Data and Competition – ČORBA – June 2024 OECD discus...
Artificial Intelligence, Data and Competition – ČORBA – June 2024 OECD discus...
 
Prsentation for VIVA Welike project 1semester.pptx
Prsentation for VIVA Welike project 1semester.pptxPrsentation for VIVA Welike project 1semester.pptx
Prsentation for VIVA Welike project 1semester.pptx
 
Gamify it until you make it Improving Agile Development and Operations with ...
Gamify it until you make it  Improving Agile Development and Operations with ...Gamify it until you make it  Improving Agile Development and Operations with ...
Gamify it until you make it Improving Agile Development and Operations with ...
 
ServiceNow CIS-ITSM Exam Dumps & Questions [2024]
ServiceNow CIS-ITSM Exam Dumps & Questions [2024]ServiceNow CIS-ITSM Exam Dumps & Questions [2024]
ServiceNow CIS-ITSM Exam Dumps & Questions [2024]
 
Proposal: The Ark Project and The BEEP Inc
Proposal: The Ark Project and The BEEP IncProposal: The Ark Project and The BEEP Inc
Proposal: The Ark Project and The BEEP Inc
 
The Intersection between Competition and Data Privacy – COLANGELO – June 2024...
The Intersection between Competition and Data Privacy – COLANGELO – June 2024...The Intersection between Competition and Data Privacy – COLANGELO – June 2024...
The Intersection between Competition and Data Privacy – COLANGELO – June 2024...
 
Pro-competitive Industrial Policy – OECD – June 2024 OECD discussion
Pro-competitive Industrial Policy – OECD – June 2024 OECD discussionPro-competitive Industrial Policy – OECD – June 2024 OECD discussion
Pro-competitive Industrial Policy – OECD – June 2024 OECD discussion
 
Why Psychological Safety Matters for Software Teams - ACE 2024 - Ben Linders.pdf
Why Psychological Safety Matters for Software Teams - ACE 2024 - Ben Linders.pdfWhy Psychological Safety Matters for Software Teams - ACE 2024 - Ben Linders.pdf
Why Psychological Safety Matters for Software Teams - ACE 2024 - Ben Linders.pdf
 
The Intersection between Competition and Data Privacy – CAPEL – June 2024 OEC...
The Intersection between Competition and Data Privacy – CAPEL – June 2024 OEC...The Intersection between Competition and Data Privacy – CAPEL – June 2024 OEC...
The Intersection between Competition and Data Privacy – CAPEL – June 2024 OEC...
 
Artificial Intelligence, Data and Competition – SCHREPEL – June 2024 OECD dis...
Artificial Intelligence, Data and Competition – SCHREPEL – June 2024 OECD dis...Artificial Intelligence, Data and Competition – SCHREPEL – June 2024 OECD dis...
Artificial Intelligence, Data and Competition – SCHREPEL – June 2024 OECD dis...
 
原版制作贝德福特大学毕业证(bedfordhire毕业证)硕士文凭原版一模一样
原版制作贝德福特大学毕业证(bedfordhire毕业证)硕士文凭原版一模一样原版制作贝德福特大学毕业证(bedfordhire毕业证)硕士文凭原版一模一样
原版制作贝德福特大学毕业证(bedfordhire毕业证)硕士文凭原版一模一样
 
The Intersection between Competition and Data Privacy – KEMP – June 2024 OECD...
The Intersection between Competition and Data Privacy – KEMP – June 2024 OECD...The Intersection between Competition and Data Privacy – KEMP – June 2024 OECD...
The Intersection between Competition and Data Privacy – KEMP – June 2024 OECD...
 
BRIC_2024_2024-06-06-11:30-haunschild_archival_version.pdf
BRIC_2024_2024-06-06-11:30-haunschild_archival_version.pdfBRIC_2024_2024-06-06-11:30-haunschild_archival_version.pdf
BRIC_2024_2024-06-06-11:30-haunschild_archival_version.pdf
 
Pro-competitive Industrial Policy – LANE – June 2024 OECD discussion
Pro-competitive Industrial Policy – LANE – June 2024 OECD discussionPro-competitive Industrial Policy – LANE – June 2024 OECD discussion
Pro-competitive Industrial Policy – LANE – June 2024 OECD discussion
 
Artificial Intelligence, Data and Competition – OECD – June 2024 OECD discussion
Artificial Intelligence, Data and Competition – OECD – June 2024 OECD discussionArtificial Intelligence, Data and Competition – OECD – June 2024 OECD discussion
Artificial Intelligence, Data and Competition – OECD – June 2024 OECD discussion
 
The Intersection between Competition and Data Privacy – OECD – June 2024 OECD...
The Intersection between Competition and Data Privacy – OECD – June 2024 OECD...The Intersection between Competition and Data Privacy – OECD – June 2024 OECD...
The Intersection between Competition and Data Privacy – OECD – June 2024 OECD...
 
ACTIVE IMPLANTABLE MEDICAL DEVICE IN EUROPE
ACTIVE IMPLANTABLE MEDICAL DEVICE IN EUROPEACTIVE IMPLANTABLE MEDICAL DEVICE IN EUROPE
ACTIVE IMPLANTABLE MEDICAL DEVICE IN EUROPE
 
怎么办理(lincoln学位证书)英国林肯大学毕业证文凭学位证书原版一模一样
怎么办理(lincoln学位证书)英国林肯大学毕业证文凭学位证书原版一模一样怎么办理(lincoln学位证书)英国林肯大学毕业证文凭学位证书原版一模一样
怎么办理(lincoln学位证书)英国林肯大学毕业证文凭学位证书原版一模一样
 
Using-Presentation-Software-to-the-Fullf.pptx
Using-Presentation-Software-to-the-Fullf.pptxUsing-Presentation-Software-to-the-Fullf.pptx
Using-Presentation-Software-to-the-Fullf.pptx
 

Azure Boot Camp 21.04.2018 SQL Server in Azure Iaas PaaS on-prem Lars Platzdasch

  • 1. SQL Server in Azure IaaS, Paas, on-Prem Planning and Business Continuity or more like Take the Red or the Blue Pill Lars Platzdasch MCT,MCSE SQL, MCSE SharePoint
  • 2. Sprecher: Lars Platzdasch Twitter @LarsPlatzdasch Xing /Lars_Platzdasch LinkedIn LarsPlatzdasch Web www.platzdasch.de www.3perspektiven.de MCT: SQL, SharePoint, .net MCSE: SQL Server Data Platform MCSE: SharePoint MCITP: SharePoint 2010, Administrator MCITP: SharePoint 2010, Developer Microsoft Certified Application Developer: .NET Certified Ethical Hacker (CEH) - EC-Council platzdasch netConsult GmbH & Co. KG | ISV 24/7 Support für SQL / SharePoint 3 Perspektiven GmbH | MBS 22 IT, 21 Jahre SQL Server, 14 Jahre SharePoint Gold
  • 3. About the Audience • DBAs • Developers • SQL AlwaysOn Availability Groups Experience? • System Administrators • Azure Lovers ;-) • and …
  • 4. The Plan 1. High Level Comparison to SQL Server 2. Most Important Slide about the differences 3. Drill into random interesting capabilities 4. Securing 5. Some demos 6. Tips for Iaas
  • 6. Azure SQL DB is SQL Server Except… Common SQL Server “Just change the connection string…” https://azure.microsoft.com/en-us/documentation/articles/sql-database-transact-sql-information/ Additional information on Differences: Azure SQL DB
  • 7. Demos • Demo: Meet the Portal (portal.azure.com) • Demo: Create a SQL Database .
  • 8. What’s the Same 1. Team 2. Core Code Base 3. Transact-SQL ▪ Yes, full support ▪ https://feedback.azure.com/ 4. Most of the features 5. Mature .
  • 9. What’s Missing (or is it?) in Azure SQL DB Category 1: Takes a Different Approach ▪ Example: SQL Agent Category 2: On the way ▪ Network Support ▪ But in the works… Category 3: No plan (?) https://feedback.azure.com/ .
  • 10. You access a DB DB is fully managed: High Availability, Backups, Patching Runs latest SQL Server version, based on Enterprise ed. New paradigm of databases and modern app building Different DB sizes: Basic (2GB, 5DTUs) to Premium (1TB, 4000DTUs DB availability SLA: 99.99% 4000DTUs .. Premium) Azure SQL Database SQL Server in Azure VM You access a VM with SQL Server You manage SQL Server and Windows: High Availability, Backups, Patching (automation available) You can run any SQL Server version and edition Full on-premises compatibility Different VM sizes: A0 (1 core, 1GB mem, 100GB) to G5 ( .. ) VM availability SLA: 99.95%: In practice SQL AlwaysOn provides higher availability (~99.99%) Reuse on-premises infrastructure (e.g. Active Directory) Differences :
  • 11. SQL Server View on ‘Managed’ Azure SQL Database Low Control | Low Maintenance Shared Lowercost Dedicated Highercost High Control | High Maintenance Hybrid Physical Virtual PaaS SaaS IaaS On premises Off premises SQL Server Physical Machines SQL Server Private Cloud Virtualized Machines SQL Server in Azure VM Virtualized Machines Virtualized Databases Cloud
  • 12. Manageability ( Azure SQL DB ) 1. Server Management so easy - not available! ▪ You control schema, indexes, users, etc. as usual ▪ PaaS model 2. 99.95% uptime SLA (one instance) 3. Geo-DR/FO/BC (Active/Passive) 4. Geo-Replication (Active/Active RO) 5. Backups, PiTR .
  • 13. DMV Views (https://azure.microsoft.com/en-us/documentation/articles/sql-database-monitoring-with-dmvs/ ) DTU (https://docs.microsoft.com/de-de/azure/sql-database/sql-database-what-is-a-dtu ) eDTU ( elastic Pool DTU) Performance ( Azure DB ) . Data Throughput Unit
  • 14. Data Throughput Unit ▪ http://dtucalculator.azurewebsites.net/ ▪ Demo: DTU definition https://azure.microsoft.com/en- us/documentation/articles/sql-database-service- tiers/#understanding-dtus
  • 15. SQL / Space / DTU Pools Geo Repl Pricing ( Azure DB )
  • 16. Pricing in Tiers and Pools ▪ Demo: Pricing options https://azure.microsoft.com/en-us/pricing/ ▪ https://azure.microsoft.com/en- us/documentation/articles/sql-database- service-tiers/
  • 17. Securing SQL Azure “[Cloud security] is a shared responsibility between the customer and the cloud vendor.” Mark Russinovich, Microsoft Azure CTO https://www.rsaconference.com/writable/presentations/file_upload/exp-w01_assume- breach-an-inside-look-at-cloud-service-provider-security.pdf
  • 18. A Cautionary Tale: Code SpaceS 1. DDoS 2. Ransom demand 3. Security breach noticed 4. Fighting back 5. Malicious destruction of assets 6. Security & Business #fail “Code Spaces has a full recovery plan that has been proven to work and is, in fact, practiced.” Data plane (data access) vs. mgmt/control plane (Portal, APIs, PowerShell)ELAPSEDTIME: 12HOURShttp://arstechnica.com/security/2014/06/aws-console-breach-leads-to-demise-of-service-with-proven-backup-plan/
  • 19. Risk Mitigation Internet Exposed RDP or SSH Endpoints Network ACLs or Host-based Firewall; Strong passwords; VPN or SSH Tunnels Virtual Machine Missing Security Patches Keep Automatic Updates Enabled; Web Application Vulnerability Securing Azure Web Applications; Vulnerability scan/penetration test Weak Admin/Co-Admin Credentials Azure Multi-Factor Authentication; Subscription Management Certificate Unrestricted SQL Endpoint Azure SQL Firewall Storage Key Disclosure Manage Access to Storage Resources Insufficient Security Monitoring Azure Security and Log Management; Top Azure Risks Leading to Tenant Breach https://www.rsaconference.com/writable/presentations/file_upload/exp-w01_assume- breach-an-inside-look-at-cloud-service-provider-security.pdf
  • 20. SSO for Built-In Services Use same AAD where makes sense across • Azure • Office 365 • Visual Studio Team Services • Windows 10 (Intune) • Azure SQL Database (!)
  • 21. Prefer RBAC to Co-Admin • Co-Admin only option on Classic Portal • RBAC only available on portal.azure.com • New portal support not 100% • https://azure.microsoft.com/en-us/documentation/articles/role-based-access-built-in- roles/ • https://azure.microsoft.com/en-us/documentation/articles/role-based-access-control- configure/ RBAC : Role Based Access Control ( IAM )
  • 22. 1. Always Encrypted 2. TDE, CLE 3. Data Masking 4. Auditing 5. Firewall Protecting Your SQL Database ( Demo )
  • 23. Firewalls • SQL DB Server • Database Level: sp_set_firewall_rule • Or SSMS beim Login
  • 24. Data Masking • Dynamic Data Masking: • https://azure.microsoft.com/en-us/documentation/articles/sql-database-dynamic-data-masking- get-started/ • Server-side
  • 25. SQL DB Data Encryption Always Encrypted • Transparent Data Encryption • Server-side • Always Encrypted: https://azure.microsoft.com/en- us/updates/public-preview-always-encrypted- for-azure-sql-database/ • Client-side
  • 26. • GEO-REPL Backup / Point In Time Recovery Disaster Recovery and Business Continuity
  • 28. Some Best Practices (Azure Iaas) • Start the deployment with Lower Specification. • Use DS Series VMs and User Premium storage for higher throughput • Disable geo-redundant storage on the storage accounts. • Enable read caching on the disks hosting the data files and TempDB. • Disable caching on the logs disk. • Strip multiple disks to achieve higher IOPs. • Move all databases to separate disks. (Not in OS disks) • Disable autogrow • Enable instant file initialization for data files.
  • 29. • • • • Blue or Red? Azure SQL Database SQL Server in Azure VM
  • 30. Resources • Pass or Iaas https://docs.microsoft.com/en-us/azure/sql- database/sql-database-paas-vs-sql-server-iaas
  • 31. Q & A Vielen Dank für eure Zeit. @LarsPlatzdasch http://blog.platzdasch.de