Transparent Data Encryption (TDE) – Encryptionizer vs. SQL Server
NetLib® Encryptionizer® TDE offers some important advantages over MS SQL Server’s Transparent Data Encryption (TDE):
- Encryptionizer Provides Transparent Data Encryption, and optionally, Column Encryption for all versions of SQL Server from 2000 and later, and for all editions SQL Server from Enterprise to Express (including LocalDB). SQL Server’s TDE is available only in the Enterprise edition and only for SQL Server 2008 and later.
- Easy setup and configuration using point-and-click interface. No programming required.
- Possible to encrypt System databases including Master and TempDB.
- Database keys are stored outside of SQL Server, including alternate locations such as network, removable media, Encryptionizer Key Manager (EKM), or Townsend Security Alliance Key Manager (AKM)
- Encryptionizer’s Transparent Data Encryption has virtually no impact on database performance (<1%) on a properly sized server. Some benchmark reports show SQL Server TDE to have greater impact on performance between 5-10%
- Clients have found significant cost savings using SQL Standard and layering Encryptionizer versus purchasing SQL Server Enterprise Edition.
- Support for FILESTREAMS (SQL Server 2008 and later).
- Supports SQL Server Compressed Backups (WITH COMPRESSION).
- Possible to dynamically encrypt non-database files and folders on the server, such as documents, spreadsheets, PDFs, Multimedia, Access databases, etc.
- Optional centralized key management with Encryptionizer Key Manager (EKM).
- Can integrate with Encryptionizer Desktop Edition to dynamically encrypt documents, spreadsheets and other result sets brought down to the desktop/laptop.
- Allows split knowledge of keys (PCI DSS)
- Separate from and outside of SQL Server Security
- Runs in FIPS mode even without putting entire machine in FIPS mode.