Feel free to call us toll free at +1.800.357.1019.

If you are in the area you can reach us at +1.360.359.4400.

Standard support
6:30am - 4:00pm PST, Monday - Friday, Free

Premium support
If you own Townsend Security 24x7 support and
have a production down issue outside normal
business hours, please call +1.800.349.0711
and the on-call person will be notified.

International customers, please dial +1.757.278.1926.

Townsend Security Data Privacy Blog

What are the Performance Impacts of TDE Encryption on SQL Server?

Posted by Luke Probasco on Nov 23, 2011 8:00:00 AM

sql-logo.jpgTownsend Security hosts a monthly webinar on a wide variety of topics ranging from encryption and key management best practices to what’s new with compliance regulations such as PCI DSS.  If you haven’t had a chance to attend any of our webinars yet, sign up for our newsletter and we’ll make sure you know what is coming up next.

During our recent packed webinar, “Encryption Key Management with Microsoft SQL Server” we were asked some great questions from the audience and would like to share them with you on our blog.  Upcoming questions include “How often do I need to rotate encryption keys on my SQL Server?” and “How does encryption key management work in High Availability (HA) and disaster recovery scenarios?

Here is part one in our series of questions from this webinar.  As always, if you still have any questions, send them our way and we will promptly get back to you.

What are the performance impacts of TDE encryption on Microsoft SQL Server?

Encryption really has a reputation for being CPU intensive.  There is good news on this front for Microsoft customers because I think the people in the SQL Server group did a really great job at performance tuning data encryption within the SQL Server environment.  If you look at what Microsoft says about turning on TDE (Transparent Data Encryption), they say you will pay a 2-4% performance penalty when encryption is enabled.  That is actually very excellent performance.  In our experience, it is actually closer to 2%.  More complex environments may get a little higher than that.

Microsoft will tell you that there is a little more performance penalty around Cell Level or Column Level encryption.  I think that is probably true too, but still I think they have done a great job of making a good solution that performs quite well.

Stay tuned for our next post on “How often do I need to rotate encryption keys on my SQL Server?” and “During Cell Level or Column Level encryption, will the database be locked during the re-encryption process?”  In the meantime, view a recording of “Encryption Key Management with Microsoft SQL Server”.

Encryption and key management for SQL Server

Topics: Encryption, SQL Server 2008

The Definitive Guide to AWS Encryption Key Management
Definitive Guide to VMware Encryption & Key Management


Recent Posts

Posts by Topic

see all