Wednesday, March 28, 2012

Log Shipping Transaction Log Question

I am going through a security audit on our servers. We use log shipping
for a standby database. One of the questions in the audit has me
looking for answers.

"Are the transaction logs that are being shipped to the standby
database encrypted?"

I am assuming no. However, I need to know definitively. I have not been
able to find an answer in BOL or in Google. If the logs are not
encrypted, is there an option where I could send them encrypted, if
necessary?

Thanks,
JennieThey're not encrypted - there are a number of 3rd-party products
available which can reconstruct SQL commands from reading transaction
log files. I'm afraid I have no idea whether or not there is a simple
(or even a complex!) way to encrypt/decrypt them, though.|||Hi

If you are worried about encryption over the wire, then you need to do it at
network packet level as all your other traffic is sniffable.

SQL will not encrypt the files, and if you are using the built-in Log
shipping, you can't do it.

If you were to roll your own version of log shipping using scripts, you
could use a 3rd party tool the encrypt it.

Regards
----------
Mike Epprecht, Microsoft SQL Server MVP
Zurich, Switzerland

IM: mike@.epprecht.net

MVP Program: http://www.microsoft.com/mvp

Blog: http://www.msmvps.com/epprecht/

"Phil" <philip.yale@.gmail.com> wrote in message
news:1113571698.710644.115450@.z14g2000cwz.googlegr oups.com...
> They're not encrypted - there are a number of 3rd-party products
> available which can reconstruct SQL commands from reading transaction
> log files. I'm afraid I have no idea whether or not there is a simple
> (or even a complex!) way to encrypt/decrypt them, though.

No comments:

Post a Comment