Your location:Tech News>OS>Windows 8>A brief introduction to Windows 2008 server data security

Latest News

A brief introduction to Windows 2008 server data security



Data security is a key requirement in any data service solution and the combination of Windows Server 2008 and SQL Server 2008 provides an end-to-end combination through a powerful collection based on encryption technology End data protection. Windows Server 2008 relies on built-in

data security is a key requirement in any data service solution and the combination of Windows Server 2008 and SQL Server 2008 provides an end-to-end data protection through a powerful collection based on encryption technology.

Windows Server 2008 relies on built-in IP security (IPSec) support to provide encrypted data transfer through a network connection.

Windows Server 2008 provides an enhanced IPSec implementation which simplifies configuration and reduces management costs.


  NTFS is a series of operating systems supported by the Microsoft Windows NT kernel a special network and disk quota File encryption and other disk formats designed with management security features.

  Why use NTFS?

  Compression function: including the function of compressing or decompressing drives folders or specific files.

  File encryption: It greatly enhances security.

Better scalability: NTFS partitions are much larger than FAT partitions. When the partition size increases the performance of NTFS will not decrease but in this case the performance of FAT will decrease.

  Restore disk activity logging; it allows NTFS to restore information as quickly as possible in the event of a power failure or other system problems.

The installation of domain controller and Active Directory requires NTFS.

  Remote storage: Make removable media (such as tape) more accessible thereby expanding disk space.

Disk quota: It can be used to monitor and control the amount of disk space used by a single user.

Windows Server 2008 NTFS that supports transactions it allows all operations in the NTFS file system to be controlled in one transaction and the new kernel transaction manager allows the operating system The service is added to a transaction.

  Server 2008 FILESTREAM data type enables large-scale binary data such as documents and pictures to be stored directly in an NTFS file system; documents and pictures are still the main components of the database and maintain the consistency of transactions .

  FILESTREAM allows traditional large binary data managed by the database to be stored outside the database as separate files and they can be accessed by using an NTFS stream API. Use NTFS stream API to make common file operations can be executed effectively while providing all rich database services including security and backup.

The NTFS of transaction can also communicate with MS DTC (Distributed Transaction Center). In this way the application program can be composed of database calls including file system operations (such as a document management system). The transaction function is based on the SMB 2.0 (Server Message Module) protocol so a distributed file operation can be included in a transaction.


The transparent data encryption (TDE) in SQL Server 2008 you can choose the same as in SQL Server 2005 Use unit-level encryption or use TDE for full database-level encryption or file-level encryption provided by Windows.

It is designed to provide static protection for the entire database without affecting existing applications. Encrypting the database traditionally involves complex application changes such as modifying table schemes deleting functions and significant performance degradation.

  TDE simply encrypts everything all data types keys indexes etc. These can be used completely without sacrificing security or leaking information on the disk.

TDE is file-level which is similar to two Windows features: File Encryption System (EFS) and Drive Encryption.

TDE does not replace unit-level encryption EFS or BitLocker. TDE is suitable for mass encryption and it can meet regulatory compliance or public data security standards.

  TDE protects data when data files or backup files are accessed and copied. When the support for the hardware security module is combined with it TDE provides an effective way to protect the data stored in the database on the desktop computer. This encryption ensures that when the computer is lost or stolen the database cannot be opened without the corresponding security hardware module. In order to better protect data Windows Server 2008 provides enhanced Microsoft BitLocker drive encryption technology which can be used to encrypt all hardware disks in the computer.

  SQL Server 2008 further expands this capability. By supporting encrypted database connections it provides protection for data transmission over the network and also provides new Powerful display data encryption (TDE) function. TDE encrypts the data in the database and backup files without having to make any changes to the client application that accesses the data.


  SQL Server 2008 and Windows Server 2008 combined together provide a very attractive in terms of security compliance and high effectiveness An eye-catching solution.

?Algorithm update: Google Play encourages developers to pay more attention to application quality |

Recommend article

Relate article