November 1, 2011 at 1:07 pm
To meet governance compliance we need to implement TDE. We want to go with either a soft- or hardware-based product to centrally manage the keys. I am looking for some suggestions on vendors or products that work very well. I have started putting together a list, but welcome any input I can get.
November 2, 2011 at 12:49 pm
Which software is on your list at the moment?
There are no special teachers of virtue, because virtue is taught by the whole community.
--Plato
November 4, 2011 at 2:49 pm
I have added Thales and Safenet. On a related note, my boss wants to use Microsoft Certificate services to manage encrypted keys for TDE I SQL 2008. Have you heard of this?
November 4, 2011 at 6:54 pm
I had not, but i just looked it up and it appears it will handle the requirement you have to "centrally manage the keys". At least according to the brochure. Please post back once you settle on a technology.
Edit: I have since learned that Certificate Services can only manage some of the optional public keys that might be used to encrypt other keys in a layered SQL Server encryption approach, but that Certificate Services does not appear to be able to manage the private TDE key itself.. The private TDE key must be stored in either the master database of the instance or in an EKM and it does not appear as if Certificate Services can function as an EKM.
There are no special teachers of virtue, because virtue is taught by the whole community.
--Plato
Viewing 4 posts - 1 through 3 (of 3 total)
You must be logged in to reply to this topic. Login to reply