Encryption Questions

  • Has anyone implemented encryption-at-rest? How much extra overhead as far as memory and cpu pressure did it introduce? I've read anything from 3 % to 30 % increase in cpu and memory usage due to turning on TDE.

    FWIW, we have databases that are about 3/4 of a terabyte in size, sitting on SSD drives, part of an AG that replicate themselves to a whole other data center.

  • There shouldn't be any change in memory usage. The pages database pages are still the same size, encrypted on disk, decrypted in memory.

    The big thing is backup compression. Since an encrypted database means encrypted backups, compressing has almost no effect on backup size. (page and row compression still works as expected)

    Gail Shaw
    Microsoft Certified Master: SQL Server, MVP, M.Sc (Comp Sci)
    SQL In The Wild: Discussions on DB performance with occasional diversions into recoverability

    We walk in the dark places no others will enter
    We stand on the bridge and no one may pass
  • GilaMonster (3/31/2016)


    There shouldn't be any change in memory usage. The pages database pages are still the same size, encrypted on disk, decrypted in memory.

    The big thing is backup compression. Since an encrypted database means encrypted backups, compressing has almost no effect on backup size. (page and row compression still works as expected)

    Oh, good to know about the backup size. We're going to need more tapes then 🙂

    What about CPU usage? Does the 3% - 30% statistic sound correct? That might be enough if it hits the higher statistic that we need more cores.

Viewing 3 posts - 1 through 2 (of 2 total)

You must be logged in to reply to this topic. Login to reply