Are there any gotchas with TDE on a Windows Server 2008 server (i.e., Microsoft failover clustering)

  • I am trying to use TDE (Transparent Data Encryption) for the first time on SQL Server 2008 R1 with Microsoft failover clustering on Windows Server 2008 R1. Are there any unexpected gotchas with TDE in a cluster? If NodeA owns a database during a SQL Server backup, can that backup be easily restored when NodeB owns the database at a later time, without jumping through any special encryption issues?

    Also, how are server and cluster rebuilds impacted?

  • We haven't had any issues; you just need to ensure that all keys/certificates are on all physical nodes. The only thing I will say though is that once you enable TDE you won't receive any benefit from using backup compression.

    Hope this helps,
    Rich


  • So far, I have only tested on one physical node, and I have made an SMK (Server Master Key), DMK (Database Master Key), and certificate backup on that node. How do I get the same keys to the other node? If I create them manually on the second node (after a failover), will those resulting keys be different?
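
Added example (not part of the original posts): carrying the TDE certificate and its private key from the instance that holds them to another or rebuilt instance, then checking by thumbprint that it is the same certificate. The name TdeCert, the file paths and the passwords are placeholders; a certificate created fresh under the same name gets a new key pair and a different thumbprint, so it cannot open an existing database encryption key.

```sql
-- Added example. TdeCert, the file paths and the passwords are placeholders.

-- 1. On the instance that already holds the TDE certificate:
USE master;
BACKUP CERTIFICATE TdeCert
    TO FILE = 'C:\KeyBackup\TdeCert.cer'
    WITH PRIVATE KEY (
        FILE = 'C:\KeyBackup\TdeCert.pvk',
        ENCRYPTION BY PASSWORD = '<private-key-backup-password>'
    );

-- Record the thumbprint so the restored copy can be compared against it.
SELECT name, thumbprint, pvt_key_encryption_type_desc
FROM sys.certificates
WHERE name = 'TdeCert';

-- 2. On the other (or rebuilt) instance, after copying both files over:
USE master;

-- A database master key in master is needed to protect the restored private key.
IF NOT EXISTS (SELECT 1 FROM sys.symmetric_keys
               WHERE name = '##MS_DatabaseMasterKey##')
    CREATE MASTER KEY ENCRYPTION BY PASSWORD = '<new-dmk-password>';

-- Restore the certificate from the backup files; do not generate a new one.
CREATE CERTIFICATE TdeCert
    FROM FILE = 'C:\KeyBackup\TdeCert.cer'
    WITH PRIVATE KEY (
        FILE = 'C:\KeyBackup\TdeCert.pvk',
        DECRYPTION BY PASSWORD = '<private-key-backup-password>'
    );

-- 3. Verify: the thumbprint must equal the one recorded in step 1.
SELECT name, thumbprint
FROM sys.certificates
WHERE name = 'TdeCert';

-- Once the encrypted database is restored or attached, its encryptor
-- thumbprint should match the certificate thumbprint above.
SELECT DB_NAME(database_id) AS database_name,
       encryption_state,
       encryptor_thumbprint
FROM sys.dm_database_encryption_keys;
```

Keep the .cer/.pvk files and the backup password somewhere other than the database backups themselves, since together they decrypt every backup taken under this certificate.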
