I have bit confusion on Azure SQL Security pricing as below, please help in this.
Security Center has cost $15/Server/Month. While enabling advanced data security for the SQL, it says 'Turn on Advanced Data Security for all databases on this server, at the cost of 15 USD/server/month. This includes Data Discovery & Classification, Vulnerability Assessment, and Advanced Threat Protection for the server.'
Both are pointing to the same cost or do we have to pay $15+$15=$30 altogether for a SQL server?
Thanks
Regards
Sakaldeep
I got the answer here. We need to pay only once.
"The cost of ADS is aligned with Azure Security Center standard tier pricing per node, where a node is the entire SQL Database server or managed instance. You are thus paying only once for protecting all databases on the database server or managed instance with ADS."
Related
I've been getting some warnings about high utilization on our SQL Azure database server. What is the best way to monitor the utilization of that machine and try to analyze what is causing the high utilization spikes?
Log into the Azure management portal http://manage.windowsazure.com
Select your SQL Database that you interested in getting details on.
Select monitor
Let’s say you want to monitor your DTU %. Click on that line item.
Select ADD RULE
Name the rule and describe it
Specify who you want to receive the alerts.
This flow with screen shots can be found here:
http://blogs.msdn.com/b/mschray/archive/2015/09/04/monitoring-your-sql-database-in-azure.aspx
sys.resouce_stats and sys.resource_usage can be used for monitoring the resource usage. Query store feature in SQL DB v12 helps you debugging the performance issues:
http://azure.microsoft.com/en-us/blog/query-store-a-flight-data-recorder-for-your-database/
Using Dynamic Management Views
Azure SQL Database enables a subset of dynamic management views to diagnose performance problems
take look here DMV sql azure
Hello I am looking for a little Direction / Guidance. I have built an application in vb.net using visual studio for my company that manages people and equipment. This application is installed on multiple computers in the office and updates a Microsoft Access Database which resides on one of our local Network Servers in the Building. What my goal for this is to have the application access the database from any location in or out of the network. I originally built this around an Access Database because it seemed the easiest at the time, I would like to re-create this in an SQL Database but am unsure how to and or what I need to do so I have this access with the application. I am confused to how the SQL database would work with the remote access I guess.. Do I need to have an SQL Engine installed on the Server or can I have the Database file just sitting there and access it through the IP with Username and Passwords? Should I purchase server space somewhere else and go that route? Is there any links or information anyone could direct me to, I have been reading about this for days but am not getting anywhere.. Just looking for some black and white answers to steer me in the right direction!!
Thanks Everyone!
I would recommend Azure. This article describes the process for migrating from Access to Azure:
Migrating Access Databases to SQL Server/Azure SQL DB (AccessToSQL)
All major SQL RDBMS client/server systems are built around the premise that clients will he accessing the relational database management services over a network (almost always over TCP/IP for anything developed or updated within the last couple of decades).
For the nodes (clients) on your local area network this should be relatively straightforward.
For remote access I strongly recommend requiring that they access your network through a quality VPN which has been professionally configured (and, preferably, is being professionally maintained).
As for the question of locally owned equipment vs. a virtually private server (VPS) that's mostly a cost consideration with tradeoffs on reliability of access, reliability of the hardware and storage, reliability and capacity of the backup systems, and the personnel costs and availability.
A well managed VPS offering can get you past all the preliminary hurdles to the point where you can focus on your development right away. The long term decisions about Tue production environment are best deferred until you have some functionality prototyped.
I am looking at ways I can mitigate outages during Azure maintainance using SQL stacks in availability groups.
Coming up with an HA architecture for SQL 2012 on Azure threw up the following observations;
I originally considered 3 options for HADR as DB Mirroring, AlwaysOn FCI & AlwaysOn Availability Groups until it became apparent that FCI is reliant on shared storage - doable but certainly a single point of failure as this storage cannot be spread across Azure availability groups.
AlwaysOn Availbility Groups is possible but only through Enterprise licensing which puts a factor of x5 on the monthly run rate.
So unless I've missed something, unless you're prepared to spend the bucks on Enterprise SQL, you are constrained to DB mirroring - have I got this correct ?
Thanks,
SJM
There are two ways to accomplish High availability for SQL in Azure.
As it sounds like you are rolling IaaS, I would suggest reading this article: http://blogs.msdn.com/b/mvpawardprogram/archive/2014/08/18/sql-server-high-availability-in-windows-azure-iaas.aspx
If you choose, I find PaaS solutions easier to manage, I would run with SQL Azure and use the geo-replication features. More details can be found at the following link: http://azure.microsoft.com/blog/2014/09/03/azure-sql-database-standard-geo-replication/
I read in a few places that SQL Azure data is automatically replicated and the Azure platform provides redundant copies of the data, Therefore SQL Server high availability features such as database mirroring and failover cluster aren't needed.
Has anyone got a chance to investigate deeper into this? Are all those availability enhancements really not needed in Azure? Thanks!
To clarify, I'm talking about SQL as a service and not a VM hosted SQL.
The SQL Database service (database-as-a-service) is a multi-tenant database service, and your databases are triple-replicated within the data center, providing durable storage. The service itself, being large-scale, provides high availability (since there are many VMs running the service itself, along with replicated data). Nothing is needed in terms of mirroring or failover clusters. Having said that: If, say, your particular database became unavailable for a period of time, you'll need to consider how you'll handle that situation (perhaps sync'ing to another SQL Database, maybe even in another data center).
If you go with SQL Database (DBaaS), you'll still need to work out your backup strategy, and possibly syncing with another DC (or on-premises database server) for DR purposes.
More info on SQL Database fault tolerance is here.
Your desired detail is probably contained in this MSDN article of Business Continuity and Azure SQL Database (see: http://msdn.microsoft.com/en-us/library/windowsazure/hh852669.aspx). At the most basic level Azure SQL Database will keep three replicas of your database - one primary and two secondary.
While this helps with BCP / DR scenarios you may also wish to investigate ways to backup your database so you have point-in-time restore capabilities. More information on backup / restore can be found here: http://msdn.microsoft.com/en-us/library/windowsazure/jj650016.aspx
I only starting to learn about SQL Azure, have spoken to some potential clients, they say they have not chosen Azure due to the private nature of their customers information.
Reading about Azure it has firewalls to prevent unauthorised access.
I was just wonder what other way I could market Azure so that clients who potentially want to use it would not be concerned about privacy issues.
Also as I understand Azure supports Hybrid solutions where you can store data locally or remotely?
Thanks
SQL Azure is a public service and the data is stored somewhere in the cloud provider facility. With all security measures including firewalls and sentry dogs the data is still under zero customer control.
So the provider could do some backup and store it for some very long time and you might want to destroy the data ASAP and will be unable to have it done.
Also here's what technically could happen (not that I'm saying it is likely):
the provider might dispose of undestroyed hard disks
a bug could cause the authorization to fail and allow an unauthenticated user (because you see, you don't control what software updates the provider applies)
the provider employee might be bribed and copy the data
So if the user really wants privacy (or the laws say the data he deals with must be processed according to certain requirements) or he wants actual control on how the data is dealt with then a public storage service like SQL Azure is technically inapplicable for him. You trying to market Azure as providing the same level of control and security as a local facility would provide are deceiving the customer.
Sad but true and you can't lie to the compiler. There's no such thing as control over your data in a public storage service. Risks of negative outcomes are perceived as rather low, but they exist and they are real.
Yes, the Azure service bus has connecting private and public clouds as a feature. Keeping sensitive data locally may be what your clients want/need to push parts of their infrastructure to the cloud, although it will take some effort for sure to keep that separation clear, and I'm not just talking technically.
That said, marketing Azure to a client that's not ready for the cloud may very well lose you the entire deal, so make sure you're not pushing anything they aren't ready to cope with to start with.
A good starting point is the Windows Azure Trust Center to learn about Windows Azure privacy and security.
There's also a 7-part Windows Azure security best practice series on the ISV Developer Community Blog. Part 1 has links to the remaining entries, at the end of the post.
Microsoft's data centers are run by Global Foundation Services, which has its own set of security and compliance. There you'll find a data center tour video