Post on 12-Apr-2017
transcript
Azure SQL Database - The intelligent cloud database for app developersBob WardPrincipal ArchitectData Group, Tiger Team
bobward@microsoft.com@bobwardms, #bobsql
Deck on slideshare.net
Azure SQL Database
• Database provisioning on-demand• Predictable performance and costs• 99.99% availability built-in• Geo-replication and restore services for data
protection• Fully compatible with SQL Server 2016 databases
Worlds most sophisticated fully managed SQL database service that lets you focus on your business
AzureSQL Database
SQL
SQL Server in Azure VM
Azure SQL Data
WarehouseDW
Scales on the fly
Azure SQL DatabaseIntelligent cloud database for app developers
Learns & adapts
Works in your environment
Secures and protects
Redefines multi-tenancy
Scaling: Predictable perf for databasesSingle databases are allocated isolated resourcesBasic, Standard, and Premium tiers provide increasing performance levelsScale up/down on the fly, onlineHourly billing at highest performance level that hour
5 10 20 50 100 250 1750DTUs
BS0S1 S2 S3P2
P11
P1
125
P4
500
P6
1000 4000
P15
Predictable workloadsSingle databases or partitioned data across multiple
databases; scale between service tiers and performance levels as capacity needs fluctuate.
Scal
e da
taba
ses
up
as n
eede
d
Scale out/in the pool
reads/writes
reads/writes
read
s/writ
es
reads/
writes
…
Single database or partitioned databases
Customer1
Customer2
Customer3 Customer
#N…
Unpredictable workloadsFor large numbers of databases with unpredictable performance demands; pool resources to be shared between these databases.
Elastic Database Pool
Data
base
s co
nsum
e re
sour
ces
as n
eede
d
Managing large numbers of Databases
Demo – Database Provisioning
Create New Azure SQL Database
ISVs and SaaS
Multi-tenant software as a service using thousands of databases to service their cloud hosted customers
Application patterns and customersEnterprise Apps Serving Customers
Enterprise AppsServing Employees
Applications designed for elasticity and scale with agile operational model for serving customers and their devices
Line of business applications empowering employees while removing CAPEX, reducing OPEX
Security Officer Developer App User
Azure SQL Database
Faster Cheaper
More secure
What do database customerswant ?
Web Application
Security Officer Developer App User
Web Application
Azure SQL Database
Performance Expert
Costs Expert
The intelligent cloud database for app developers
Meet your new SQL experts
Security Expert
The intelligent cloud database for app developers
Optimize your costsElastic Pools Recommendations to help you identify opportunities to save money by using elastic database pools
Query Insights for monitoring, including events from partner solutions
Maximize app performance Performance Recommendations tailored to your database workload to keep your applications running at max speed
Auto Tuning mode to let SQL DB service automatically tune your DB performance
Secure your dataSecurity Recommendations to help you secure your sensitive data using actionable recommendations.
Threat Detection for identifying and investigating suspicious database activities indicating a potential threat to the DB
Maximize app performance Performance Recommendations Auto Tuning
Why database performance is importantKeeping database applications running at max speed
Critical for end-user satisfaction and overall business success
It needs to be an ongoing process(most users do it reactively today)
Requires significant expertise to understand and master
Most DB users are Devs, not DBAs
Developer
App User
Web Application
Database
Developer needs to find and fix the underlying problem, ASAP
Customer reports the issue(app is slow/unresponsive)
Easily improve your application performanceSQL Database Advisor Perf tuning recommendations
tailored to each DB
Based on actual usage, adjusted automatically as the app evolves
Service does all the heavy lifting (implement, measure, revert)
System produces the recommendations
App User
Web Application
Azure SQL DB
Developer chooses which recommendations to apply
Developer
SQL Database Advisor
Continuously tune your DB as your app evolvesAutomatic Performance TuningOngoing tuning is needed
due to app changes/evolution
It’s really hard for a human to monitor/tune 1000s of DBs
Full transparency & audit logs available
SQL Database Advisor
System produces and automatically applies the recommendations
Web Application
Azure SQL DB
Developer controls the Automatic Tuning policy
Developer
Tuning the performance for 1000s of DBs
Builds document lifecycle management systems for global markets
Leverages SQL Database as a back end for their SaaS product
Uses Database Advisor to keep their application running at max speed
“We find Database Advisor very useful for tuning DB
performance”Christoph Weidling, Director R&D
Demo - Maximize app performance Performance Recommendations Automatic Tuning
Optimize your costsElastic Pools RecommendationsQuery Insights
Great apps still need to be cost-effectiveKeeping your database costs under control Optimize DB SKU choice
Which DB SKU is the right one for my application?
How to support peak-and-valley usage patterns?
How to support 1000s of DBs?
Optimize app query patterns
How are my DB resources being spent?
What are the TOP resource consuming queries in my app?
From DB performance analysisto improving the application
Perfect solution for multi-tenant apps• Cap your spending• Share resources, maximize
utilization• Gain customer isolation• Easy management at-scale
Tailored recommendations on when to use and how to configure Elastic Pools
Running multi-tenant DB apps cost-effectivelyElastic Database Pools
Basic Standard Premium
125 200 400 1,000 1,200
Min/max DTUs per second per DB
Customer
1Customer
N
Customer
2…
Optimize your application to reduce costsQuery Performance InsightsIdentify TOP queries by
Resource utilizationDurationFrequency of execution
Easily find the “bad” query
Based on Query Store data
Query Perf.
Insights
System analyzes the usage and provides the insights
Web Application
Azure SQL DB
Developer
Developer identifies bad queries and improves the app
Easily manage 1000s of DBs using Elastic Pools
Umbraco is a CMS used by 350K websites.
Umbraco-as-a-service provides unlimited hosting, smooth deployments, and automated upgrades using Elastic Pools.
Umbraco leverages Elastic Pools to get great performance and easy management for their many DBs at a favorable price point.
“Elastic pools are a really great fit for Umbraco-as-a-service. The price point is very attractive, which is essential to our
SaaS offering,”Morten Christensen, Tech Lead, Umbraco
Demo - Optimize your costsElastic Pools Recommendations
Query Performance Insights
Secure your data
Security RecommendationsThreat Detection
Why SQL Security Intelligence?No organization is immune to data breaches
- No locale, industry or organization is bulletproof when it comes to the compromise of data. - 90% of Cyberespionage breaches capture trade secrets or proprietary information.
Verizon Data Breach Investigation Report 2016
• SQL injection • Credential theft• Malicious insider
ThreatsApps Azure SQL
Database
Compliance• PCI• HIPAA • FedRAMP
• Lack of knowledge• Lack of time• Lack of methods
Developers
Most Secure DatabaseSurrounded by layers of protection
Secure Code
•Secure development lifecycle•Least vulnerable last 6 years
•SQL Threat Detection •SQL Server Auditing
•Row-level Security•Dynamic Data Masking
•Always Encrypted•Transparent Data Encryption•Encryption-in-flight (TLS over TDS)
Database Access
•SQL Permissions•SQL Authentication•Windows Authentication• Azure Active Directory Auth.• SQL Firewall
Proactive Monitoring
Application Access
Data Protection
Cloud-only
Meet standard security requirementsSecurity Recommendations
Azure Security Center recommendations to
• Encrypt data on SQL database physical storage (FedRAMP and HIPAA)
• Audit and monitor SQL database activities (PCI-DSS, SOX and HIPPA)
Security Officer
Requires to meet security standards recommended by regulating authorities
One-click recommendations to enable Auditing, Threat Detection & Encryption at-rest
Developer
SQL Database
AuditLog
Transparent Data Encryption
Discover and protect sensitive data Security Recommendations
Azure SQL Database recommendations to
• Discover sensitive data
• Define masking rules that obfuscate sensitive data in query results
On-the-fly obfuscation of data in query results
Phone Number
XXX-XXX-5796
XXX-XXX-1978App user/Engineer
One-click recommendations todiscover and obfuscate sensitive data
Developer
SQL DatabaseTable.PhoneNo
1-313-555-5796972-4-777-1978
Masking Policy
Pass security audits for databasesSecurity Recommendations
My company stores a lot of sensitive information for a range of high profile organizations in SQL Azure
SQL security recommendations for TDE, Auditing and Data Masking make it easier comply with security standards such as ISO27001
More details http://goo.gl/bXPN6b
“Azure SQL Database helps me pass security
audits”Frans Lytzen, CTO
Demo - Secure your data Security Recommendations
Detects suspicious database activitiesThreat Detection
Public Preview
Developer
• Just turn it ON • Detects potential
vulnerabilities and SQL injection attacks
• Detects anomalous access activities
• Real-time actionable alerts which recommend how to investigate & remediate
Azure SQL Database
Apps
App user
External attacker
Malicious insider
AuditLog
Threat & Anomaly Detection
Turn on threat detection
Real-time alerts
Possible threat to access/breach data
Preventing SQL Injection attacks
“SQL Threat Detection helps us to prevent SQL
Injection attacks”Richard Priest, Head of Technology
My team turn on Auditing & Threat Detection on all our databases.
SQL Threat Detection enabled us to detect and fix vulnerabilities to SQL injection attacks and prevent potential threats to our databaseMore details
https://azure.microsoft.com/en-us/blog/azure-sql-database-threat-detection-your-built-in-security-expert/
Threat Detection
Demo - Secure your data Threat Detection
Azure Security Center
Azure REST API
The intelligent cloud database for app developers
Intelligent cloud
database Insights
Available anywhere
PowerShell
ApplicationInsights
Azure Portal
Database Migration Assistant
(DMA)
SQL Server Migration Assistant
(SSMA)
Maximize app performance
Performance Recommendations
Automatic Tuning
Optimize your costs
Elastic Pools Recommendations
Query Insights
Secure your data
Security Recommendations
Threat Detection
The Intelligent Cloud Database for app developersSQL Database built-in intelligence optimizes your DB
within minutes, without the need to be an expert
• Get Started with Azure SQL Database here• Azure Security Center website• Azure Government website• Azure SQL Database Blog• Get a free Azure account here
Resources
bobward@microsoft.comslideshare.net, github
@bobwardms, #bobsql