Azure SQL Database - The intelligent cloud database for app developersBob WardPrincipal ArchitectData Group, Tiger Team

bobward@microsoft.com@bobwardms, #bobsql

Deck on slideshare.net

Azure SQL Database

• Database provisioning on-demand• Predictable performance and costs• 99.99% availability built-in• Geo-replication and restore services for data

protection• Fully compatible with SQL Server 2016 databases

Worlds most sophisticated fully managed SQL database service that lets you focus on your business

AzureSQL Database

SQL

SQL Server in Azure VM

Azure SQL Data

WarehouseDW

Scales on the fly

Azure SQL DatabaseIntelligent cloud database for app developers

Learns & adapts

Works in your environment

Secures and protects

Redefines multi-tenancy

Scaling: Predictable perf for databasesSingle databases are allocated isolated resourcesBasic, Standard, and Premium tiers provide increasing performance levelsScale up/down on the fly, onlineHourly billing at highest performance level that hour

5 10 20 50 100 250 1750DTUs

BS0S1 S2 S3P2

P11

P1

125

P4

500

P6

1000 4000

P15

Predictable workloadsSingle databases or partitioned data across multiple

databases; scale between service tiers and performance levels as capacity needs fluctuate.

Scal

e da

taba

ses

up

as n

eede

d

Scale out/in the pool

reads/writes

reads/writes

read

s/writ

es

reads/

writes

…

Single database or partitioned databases

Customer1

Customer2

Customer3 Customer

#N…

Unpredictable workloadsFor large numbers of databases with unpredictable performance demands; pool resources to be shared between these databases.

Elastic Database Pool

Data

base

s co

nsum

e re

sour

ces

as n

eede

d

Managing large numbers of Databases

Demo – Database Provisioning

Create New Azure SQL Database

ISVs and SaaS

Multi-tenant software as a service using thousands of databases to service their cloud hosted customers

Application patterns and customersEnterprise Apps Serving Customers

Enterprise AppsServing Employees

Applications designed for elasticity and scale with agile operational model for serving customers and their devices

Line of business applications empowering employees while removing CAPEX, reducing OPEX

Security Officer Developer App User

Azure SQL Database

Faster Cheaper

More secure

What do database customerswant ?

Web Application

Security Officer Developer App User

Web Application

Azure SQL Database

Performance Expert

Costs Expert

The intelligent cloud database for app developers

Meet your new SQL experts

Security Expert

The intelligent cloud database for app developers

Optimize your costsElastic Pools Recommendations to help you identify opportunities to save money by using elastic database pools

Query Insights for monitoring, including events from partner solutions

Maximize app performance Performance Recommendations tailored to your database workload to keep your applications running at max speed

Auto Tuning mode to let SQL DB service automatically tune your DB performance

Secure your dataSecurity Recommendations to help you secure your sensitive data using actionable recommendations.

Threat Detection for identifying and investigating suspicious database activities indicating a potential threat to the DB

Maximize app performance Performance Recommendations Auto Tuning

Why database performance is importantKeeping database applications running at max speed

Critical for end-user satisfaction and overall business success

It needs to be an ongoing process(most users do it reactively today)

Requires significant expertise to understand and master

Most DB users are Devs, not DBAs

Developer

App User

Web Application

Database

Developer needs to find and fix the underlying problem, ASAP

Customer reports the issue(app is slow/unresponsive)

Easily improve your application performanceSQL Database Advisor Perf tuning recommendations

tailored to each DB

Based on actual usage, adjusted automatically as the app evolves

Service does all the heavy lifting (implement, measure, revert)

System produces the recommendations

App User

Web Application

Azure SQL DB

Developer chooses which recommendations to apply

Developer

SQL Database Advisor

Continuously tune your DB as your app evolvesAutomatic Performance TuningOngoing tuning is needed

due to app changes/evolution

It’s really hard for a human to monitor/tune 1000s of DBs

Full transparency & audit logs available

SQL Database Advisor

System produces and automatically applies the recommendations

Web Application

Azure SQL DB

Developer controls the Automatic Tuning policy

Developer

Tuning the performance for 1000s of DBs

Builds document lifecycle management systems for global markets

Leverages SQL Database as a back end for their SaaS product

Uses Database Advisor to keep their application running at max speed

“We find Database Advisor very useful for tuning DB

performance”Christoph Weidling, Director R&D

Demo - Maximize app performance Performance Recommendations Automatic Tuning

Optimize your costsElastic Pools RecommendationsQuery Insights

Great apps still need to be cost-effectiveKeeping your database costs under control Optimize DB SKU choice

Which DB SKU is the right one for my application?

How to support peak-and-valley usage patterns?

How to support 1000s of DBs?

Optimize app query patterns

How are my DB resources being spent?

What are the TOP resource consuming queries in my app?

From DB performance analysisto improving the application

Perfect solution for multi-tenant apps• Cap your spending• Share resources, maximize

utilization• Gain customer isolation• Easy management at-scale

Tailored recommendations on when to use and how to configure Elastic Pools

Running multi-tenant DB apps cost-effectivelyElastic Database Pools

Basic Standard Premium

125 200 400 1,000 1,200

Min/max DTUs per second per DB

Customer

1Customer

N

Customer

2…

Optimize your application to reduce costsQuery Performance InsightsIdentify TOP queries by

Resource utilizationDurationFrequency of execution

Easily find the “bad” query

Based on Query Store data

Query Perf.

Insights

System analyzes the usage and provides the insights

Web Application

Azure SQL DB

Developer

Developer identifies bad queries and improves the app

Easily manage 1000s of DBs using Elastic Pools

Umbraco is a CMS used by 350K websites.

Umbraco-as-a-service provides unlimited hosting, smooth deployments, and automated upgrades using Elastic Pools.

Umbraco leverages Elastic Pools to get great performance and easy management for their many DBs at a favorable price point.

“Elastic pools are a really great fit for Umbraco-as-a-service. The price point is very attractive, which is essential to our

SaaS offering,”Morten Christensen, Tech Lead, Umbraco

Demo - Optimize your costsElastic Pools Recommendations

Query Performance Insights

Secure your data

Security RecommendationsThreat Detection

Why SQL Security Intelligence?No organization is immune to data breaches

- No locale, industry or organization is bulletproof when it comes to the compromise of data. - 90% of Cyberespionage breaches capture trade secrets or proprietary information.

Verizon Data Breach Investigation Report 2016

• SQL injection • Credential theft• Malicious insider

ThreatsApps Azure SQL

Database

Compliance• PCI• HIPAA • FedRAMP

• Lack of knowledge• Lack of time• Lack of methods

Developers

Most Secure DatabaseSurrounded by layers of protection

Secure Code

•Secure development lifecycle•Least vulnerable last 6 years

•SQL Threat Detection •SQL Server Auditing

•Row-level Security•Dynamic Data Masking

•Always Encrypted•Transparent Data Encryption•Encryption-in-flight (TLS over TDS)

Database Access

•SQL Permissions•SQL Authentication•Windows Authentication• Azure Active Directory Auth.• SQL Firewall

Proactive Monitoring

Application Access

Data Protection

Cloud-only

Meet standard security requirementsSecurity Recommendations

Azure Security Center recommendations to

• Encrypt data on SQL database physical storage (FedRAMP and HIPAA)

• Audit and monitor SQL database activities (PCI-DSS, SOX and HIPPA)

Security Officer

Requires to meet security standards recommended by regulating authorities

One-click recommendations to enable Auditing, Threat Detection & Encryption at-rest

Developer

SQL Database

AuditLog

Transparent Data Encryption

Discover and protect sensitive data Security Recommendations

Azure SQL Database recommendations to

• Discover sensitive data

• Define masking rules that obfuscate sensitive data in query results

On-the-fly obfuscation of data in query results

Phone Number

XXX-XXX-5796

XXX-XXX-1978App user/Engineer

One-click recommendations todiscover and obfuscate sensitive data

Developer

SQL DatabaseTable.PhoneNo

1-313-555-5796972-4-777-1978

Masking Policy

Pass security audits for databasesSecurity Recommendations

My company stores a lot of sensitive information for a range of high profile organizations in SQL Azure

SQL security recommendations for TDE, Auditing and Data Masking make it easier comply with security standards such as ISO27001

More details http://goo.gl/bXPN6b

“Azure SQL Database helps me pass security

audits”Frans Lytzen, CTO

Demo - Secure your data Security Recommendations

Detects suspicious database activitiesThreat Detection

Public Preview

Developer

• Just turn it ON • Detects potential

vulnerabilities and SQL injection attacks

• Detects anomalous access activities

• Real-time actionable alerts which recommend how to investigate & remediate

Azure SQL Database

Apps

App user

External attacker

Malicious insider

AuditLog

Threat & Anomaly Detection

Turn on threat detection

Real-time alerts

Possible threat to access/breach data

Preventing SQL Injection attacks

“SQL Threat Detection helps us to prevent SQL

Injection attacks”Richard Priest, Head of Technology

My team turn on Auditing & Threat Detection on all our databases.

SQL Threat Detection enabled us to detect and fix vulnerabilities to SQL injection attacks and prevent potential threats to our databaseMore details

https://azure.microsoft.com/en-us/blog/azure-sql-database-threat-detection-your-built-in-security-expert/

Threat Detection

Demo - Secure your data Threat Detection

Azure Security Center

Azure REST API

The intelligent cloud database for app developers

Intelligent cloud

database Insights

Available anywhere

PowerShell

ApplicationInsights

Azure Portal

Database Migration Assistant

(DMA)

SQL Server Migration Assistant

(SSMA)

Maximize app performance

Performance Recommendations

Automatic Tuning

Optimize your costs

Elastic Pools Recommendations

Query Insights

Secure your data

Security Recommendations

Threat Detection

The Intelligent Cloud Database for app developersSQL Database built-in intelligence optimizes your DB

within minutes, without the need to be an expert

• Get Started with Azure SQL Database here• Azure Security Center website• Azure Government website• Azure SQL Database Blog• Get a free Azure account here

Resources

bobward@microsoft.comslideshare.net, github

@bobwardms, #bobsql