Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying Introducing Microsoft SQL Server 2019
  • Table Of Contents Toc
Introducing Microsoft SQL Server 2019

Introducing Microsoft SQL Server 2019

By : Kellyn Gorman , Allan Hirt , Dave Noderer , Mitchell Pearson , James Rowland-Jones , Dustin Ryan , Arun Sirpal , Buck Woody
Buy this Book
close
close
Introducing Microsoft SQL Server 2019

Introducing Microsoft SQL Server 2019

By: Kellyn Gorman , Allan Hirt , Dave Noderer , Mitchell Pearson , James Rowland-Jones , Dustin Ryan , Arun Sirpal , Buck Woody
Buy this Book

Overview of this book

Microsoft SQL Server comes equipped with industry-leading features and the best online transaction processing capabilities. If you are looking to work with data processing and management, getting up to speed with Microsoft Server 2019 is key. Introducing SQL Server 2019 takes you through the latest features in SQL Server 2019 and their importance. You will learn to unlock faster querying speeds and understand how to leverage the new and improved security features to build robust data management solutions. Further chapters will assist you with integrating, managing, and analyzing all data, including relational, NoSQL, and unstructured big data using SQL Server 2019. Dedicated sections in the book will also demonstrate how you can use SQL Server 2019 to leverage data processing platforms, such as Apache Hadoop and Spark, and containerization technologies like Docker and Kubernetes to control your data and efficiently monitor it. By the end of this book, you'll be well versed with all the features of Microsoft SQL Server 2019 and understand how to use them confidently to build robust data management solutions.
Table of Contents (15 chapters)
close
close
close
Preface
Icon
Preface
Icon
About Microsoft SQL Server 2019
1
1. Optimizing for performance, scalability and real‑time insights
Icon
1. Optimizing for performance, scalability and real‑time insights
Icon
Hybrid transactional and analytical processing (HTAP)
Icon
Clustered Columnstore Indexes
Icon
Disk-based tables versus memory-optimized tables
Icon
In-memory OLTP
Icon
Planning data migration to memory-optimized tables
Icon
Natively compiled stored procedures
Icon
TempDB enhancements
Icon
Intelligent Query Processing
Icon
Hybrid Buffer Pool
Icon
Query Store
Icon
Automatic tuning
Icon
Lightweight query profiling
Icon
Columnstore stats in DBCC CLONEDATABASE
Icon
Estimate compression for Columnstore Indexes
Icon
Troubleshooting page resource waits
Lock Free Chapter
2
2. Enterprise Security
chevron up
Icon
2. Enterprise Security
Icon
SQL Data Discovery and Classification
Icon
SQL Vulnerability Assessment
Icon
Always Encrypted
Icon
Confidential computing with secure enclaves
Icon
Dynamic Data Masking
Icon
Row-Level Security
Icon
Auditing
Icon
Securing connections
Icon
Azure SQL Database
3
3. High Availability and Disaster Recovery
Icon
3. High Availability and Disaster Recovery
Icon
SQL Server availability feature overview
Icon
What About Database Mirroring and Replication?
Icon
Availability improvements in SQL Server 2019
Icon
Windows Server 2019 availability enhancements
4
4. Hybrid Features – SQL Server and Microsoft Azure
Icon
4. Hybrid Features – SQL Server and Microsoft Azure
Icon
Backup to URL
Icon
The storage account
Icon
SQL Server data files in Azure
Icon
File-snapshot backups
Icon
Extending on-premises Availability Groups to Azure
Icon
Replication to Azure SQL Database
Icon
Transactional replication
5
5. SQL Server 2019 on Linux
Icon
5. SQL Server 2019 on Linux
Icon
2019 platform support
Icon
Why move databases to SQL Server on Linux?
Icon
Machine Learning Services on Linux
Icon
Kubernetes
Icon
Working with Docker and Linux
Icon
Change data capture
Icon
Hybrid Buffer Pool and PMEM
Icon
Distributed Transaction Coordinator on Linux
Icon
Replication
Icon
SQL Server tools
Icon
Command-line query tools for SQL in Linux
Icon
Enhanced focus on scripting
Icon
The SQL DBA in the Linux world
Icon
Windows Subsystem for Linux
6
6. SQL Server 2019 in Containers and Kubernetes
Icon
6. SQL Server 2019 in Containers and Kubernetes
Icon
Why containers matter
Icon
Container technical fundamentals
Icon
Deploying an SQL Server container using Docker
Icon
Customizing SQL Server containers
Icon
Availability for SQL Server containers
7
7. Data Virtualization
Icon
7. Data Virtualization
Icon
Data integration challenges
Icon
Introducing data virtualization
Icon
Data virtualization use cases
Icon
Contrasting data virtualization and data movement
Icon
Data virtualization in SQL Server 2019
Icon
Secure data access
Icon
External data sources
Icon
External file formats
Icon
PolyBase external tables
Icon
Installing PolyBase in SQL Server 2019
Icon
Installing PolyBase as a scale-out group
Icon
Bringing it all together: your first data virtualization query
8
8. Machine Learning Services Extensibility Framework
Icon
8. Machine Learning Services Extensibility Framework
Icon
Machine learning overview
Icon
SQL Server 2019 Machine Learning Services architecture and components
Icon
Machine learning using the Machine Learning Services extensibility framework
Icon
Java and machine learning in SQL Server
Icon
Machine learning using the PREDICT T-SQL command
Icon
Machine learning using the sp_rxPredict stored procedure
Icon
Libraries and packages for machine learning
Icon
Management
Icon
Using the team data science process with Machine Learning Services
9
9. SQL Server 2019 Big Data Clusters
Icon
9. SQL Server 2019 Big Data Clusters
Icon
Big data overview
Icon
Applying scale-out architectures to SQL Server
Icon
SQL Server 2019 big data cluster components
Icon
Installation and configuration
Icon
Programming SQL Server 2019 big data clusters
Icon
Management and monitoring
Icon
Security
10
10. Enhancing the Developer Experience
Icon
10. Enhancing the Developer Experience
Icon
SQL Graph Database
Icon
Java language extensions
Icon
JSON
Icon
UTF-8 support
Icon
Temporal tables
Icon
Spatial data types
11
11. Data Warehousing
Icon
11. Data Warehousing
Icon
Extract-transform-load solutions with SQL Server Integration Services
Icon
Clustered Columnstore Indexes
Icon
Partitioning
Icon
Online index management
Icon
Creating and maintaining statistics
Icon
Statistics for columnstore indexes
Icon
Modern data warehouse patterns in Azure
Icon
Introduction to Azure SQL Data Warehouse
Icon
Best practices for working with Azure SQL Data Warehouse
Icon
Using Azure Data Factory
Icon
Copying data to Azure SQL Data Warehouse
Icon
Hosting SSIS packages in ADF
Icon
Azure Data Lake Storage
Icon
Azure Databricks
Icon
Working with streaming data in Azure Stream Analytics
Icon
Analyzing data by using Power BI – and introduction to Power BI
12
12. Analysis Services
Icon
12. Analysis Services
Icon
Introduction to tabular models
Icon
Introduction to multidimensional models
Icon
Enhancements in tabular mode
Icon
Introducing DAX
Icon
Writing DAX queries
Icon
Using variables in DAX
Icon
Introduction to Azure Analysis Services
13
13. Power BI Report Server
Icon
13. Power BI Report Server
Icon
SSRS versus Power BI Report Server
Icon
Report content types
Icon
Migrating existing paginated reports to Power BI Report Server
Icon
Exploring new capabilities
Icon
Managing parameter layouts
Icon
Developing KPIs
Icon
Publishing reports
Icon
Managing report access and security
Icon
Publishing mobile reports
Icon
Viewing reports in modern browsers
Icon
Viewing reports on mobile devices
Icon
Exploring Power BI reports
Icon
Automating report delivery with subscriptions
Icon
Pinning report items to the Power BI service
14
14. Modernization to the Azure Cloud
Icon
14. Modernization to the Azure Cloud
Icon
The SQL data platform in Azure
Icon
Deployment of a managed instance in Azure
Icon
Migrating SQL Server to Managed Instance
Icon
Creating an Azure VM from the Azure portal
Icon
Storage options for VMs
Icon
Diagnostics and advanced options
Icon
Creating a SQL Server 2019 VM from the command line in Azure
Icon
Security for SQL Server on an Azure VM
Icon
SQL Server IaaS agent extension
Icon
Disaster Recovery environment in the cloud

Azure SQL Database

Security is absolutely at the forefront of Microsoft's strategy, and this is no different when operating with their cloud services. If you want to run database workloads in Microsoft Azure, you can be assured that Azure SQL Database (the PaaS offering) has all the features mentioned in this chapter so far, and more. For the remainder of this chapter, Azure SQL Database's specific security features will be discussed.

SSL/TLS

SSL/TLS is enforced for all connections. This means that data between the database and client is encrypted in transit (as mentioned in the previous section). For your application connection string, you must ensure that Encrypt=True and TrustServerCertificate=False because doing this will help prevent man-in-the-middle attacks. No manual certificate configuration is needed; this is all done by Microsoft as the default standard.

A typical connection string should look like this:

Server=tcp:yourserver.database.windows.net,1433;Initial Catalog=yourdatabase;
Persist Security Info=False;User ID={your_username};Password={your_password};MultipleActiveResultSets=False;Encrypt=True;
TrustServerCertificate=False;Connection Timeout=30;

Firewalls

Microsoft implements a "deny all by default" policy for Azure SQL Database. That is, when you create a "logical" SQL server in Azure to host your database you as the administrator will need to make further configuration changes to allow for successful access. This is usually in the form of firewall rules (which can be scoped to the server level or the database level), where you would state which IP addresses are allowed access and Virtual Network (VNet) rules.

VNet rules should be implemented where possible. A VNet contains a subnet address; you can then create a VNet rule that is scoped to the server level, which will allow access to databases on that server for that specific subnet. This means that if you have virtual machines built within a specific subnet bound to the VNet rule, it will have access to Azure SQL Database (assuming that the Microsoft.sql endpoint is enabled). Both firewall rules and VNet rules can be used together if there is a need.

Azure Active Directory (AD) authentication

With Azure AD authentication, you can now centrally manage database users from one central location. This approach is not only much more secure than SQL Server authentication, but also allows for password rotation to occur in a single place. You can control permissions via groups, thus making security management easier. Configuring this feature will also allow you to connect to the database using multi factor authentication (MFA), which includes verification options such as text messages, phone calls, mobile app integration, and smart cards with PINs. This idea of MFA is also built into tools such as SSMS, thus providing an extra layer of security for users that require access to Azure SQL Database. It is a highly recommended approach.

The trust architecture is shown in Figure 2.47 and the setup is simple:

Figure 2.48: The trust architecture
Figure 2.34: The trust architecture

Complete configuration steps can be found at https://docs.microsoft.com/en-us/azure/sql-database/sql-database-aad-authentication. Once configuration is complete, you will be able to issue the following code to create an Azure AD-based database user once you have connected to the "logical" SQL Server as the Azure AD Admin user:

CREATE USER [[email protected]]
FROM EXTERNAL PROVIDER;
GRANT CONNECT TO [[email protected]]
EXEC sp_addrolemember 'db_datareader', '[email protected]';

Advanced data security

Advanced Data Security (ADS) is a suite of advanced features that you can enable for a small cost. The cost of this is based on Azure Security Center standard tier pricing (it's free for the first 30 days). The cost includes Data Discovery & Classification, Vulnerability Assessment (similar to what we discussed previously for on-premises SQL servers), and Advanced Threat Protection for the server:

Figure 2.49: ADS Suite dashboard
Figure 2.35: ADS suite dashboard

To enable this, you will need to navigate to the Security section of the database via the Azure portal:

Figure 2.50: Setting up a security alert on the Azure portal
Figure 2.36: Setting up a security alert on the Azure portal

Once you have selected the Advanced Data Security section, you will be prompted with the cost associated with the feature:

Figure 2.51: Cost prompt dialogue
Figure 2.37: Cost prompt dialog

Finally, you will then have the option of enabling the setting as shown here:

Figure 2.52: Advanced Data Security Dialogue
Figure 2.38: Advanced Data Security dialog

Advanced threat detection

Threat detection is the only feature from the previous section that is not available with on-premises SQL Server 2019, but it is available with Azure SQL Database. This service detects anomalous activities that indicate unusual and potentially harmful attempts to access or exploit databases such as SQL injection, brute force attacks, and unknown IP address analysis. Microsoft analyzes a vast amount of telemetry regarding cloud network activity and uses advanced machine learning algorithms for this proactive service. It is best practice to enable this setting. There is a cost associated with it, but the benefit outweighs this minimal cost. Cyber attacks are becoming more sophisticated, and this is where threat prevention and detection tools form an important piece of your defense strategy. This setting can be applied to the server or the database.

Figure 2.48 shows a real-time email alert being sent to administrators:

Figure 2.53: Real-time vulnerability alert
Figure 2.39: Real-time vulnerability alert

You can see the VULNERABLE STATEMENT that was used; a classic SQL injection-style attack was detected.

Hopefully, you can see the vast amount of effort that has gone into Azure SQL Database and SQL Server 2019 regarding security. All the tools and features discussed in this chapter, when put together, will help you create an enterprise-level data platform of trust.

CONTINUE READING
83
Tech Concepts
36
Programming languages
73
Tech Tools
Icon Unlimited access to the largest independent learning library in tech of over 8,000 expert-authored tech books and videos.
Icon Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.
Icon 50+ new titles added per month and exclusive early access to books as they are being written.
Introducing Microsoft SQL Server 2019
End of Chapter 2
Next Chapter
notes
bookmark Notes and Bookmarks search Search in title playlist Add to playlist download Download options
font-size Font size

Change the font size

margin-width Margin width

Change margin width

day-mode Day/Sepia/Night Modes

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Confirmation

Modal Close icon
claim successful
Order Page Read Now

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY

Submit Your Feedback

Modal Close icon
Modal Close icon
Modal Close icon