You may experience decreased performance in some features of SQL Server 2005 when you use EFS to encrypt database files

Article translations Article translations
Article ID: 922121 - View products that this article applies to.
Expand all | Collapse all

SUMMARY

You may experience decreased performance in some features of Microsoft SQL Server 2005 when you use Encrypting File System (EFS) to encrypt the database files.

MORE INFORMATION

When you use EFS to encrypt a database file, the complete content of the database file is encrypted. This occurs regardless of the actual data and metadata that is contained in the database file. We recommend that you use EFS in scenarios where physical media loss is possible.

When SQL Server 2005 performs an I/O operation on an EFS encrypted database file, the I/O operation is synchronous. Therefore, you may experience decreased performance in some features of SQL Server 2005. For example, performance of the read-ahead feature and of the checkpoint feature may be decreased.

When a SQL Server worker thread performs an I/O operation on an EFS encrypted database file, the worker thread waits until the current I/O operation on the EFS encrypted database file is completed. Additionally, the SQL Server scheduler will be stalled until the current worker thread continues. Therefore, the SQL Server worker threads that remain on the SQL Server scheduler will be pending until the first worker thread continues the I/O operation. In this scenario, the performance of SQL Server 2005 is decreased.

You can avoid this problem by using the SQL Server 2005 native encryption feature in server installations of SQL Server 2005.

If you must use EFS to encrypt the database files in a SQL Server 2005 installation, you can specify the SQL Server I/O affinity mask option. For more information about the affinity I/O mask option, see the following article at SQL Server books online:
http://msdn2.microsoft.com/en-us/library/ms189629.aspx
When you use the SQL Server I/O affinity mask option, I/O operation requests on EFS encrypted database files are assigned to a separate SQL Server scheduler. Although the I/O operations are still synchronous with EFS encrypted database files, the SQL Server worker thread will continue without waiting for the current I/O operation with the EFS encrypted database file to be completed.

Note Alternatively, you may want to consider hosting the EFS encrypted database files on a separate instance of SQL Server 2005.

For more information about how to set the SQL Server I/O affinity option, click the following article number to view the article in the Microsoft Knowledge Base:
298402 INF: Understanding how to set the SQL Server I/O affinity option

Properties

Article ID: 922121 - Last Review: November 20, 2007 - Revision: 1.3
APPLIES TO
  • Microsoft SQL Server 2005 Express Edition
  • Microsoft SQL Server 2005 Express Edition with Advanced Services
  • Microsoft SQL Server 2005 Standard Edition
  • Microsoft SQL Server 2005 Workgroup Edition
  • Microsoft SQL Server 2005 Developer Edition
  • Microsoft SQL Server 2005 Enterprise Edition
  • Microsoft SQL Server 2005 Standard X64 Edition
  • Microsoft SQL Server 2005 Enterprise X64 Edition
  • Microsoft SQL Server 2005 Standard Edition for Itanium-based Systems
  • Microsoft SQL Server 2005 Enterprise Edition for Itanium-based Systems
Keywords: 
kbtshoot kbsql2005engine kbexpertiseadvanced kbinfo KB922121

Give Feedback

 

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from smallbusiness.support.microsoft.com