Understanding DbDefence with SQL Server cluster

DbDefence can be used on clustered servers.

DbDefence has to be installed on each node of the cluster. Each node of the cluster requires a license.

Installation on Failover Cluster

1. Install DbDefence on the active node.

2. Activate the DbDefence license.

3. Failover to the second node

4. Install DbDefence on the second node.

5. Activate the DbDefence license.

Installation on AlwaysOn High Availability cluster

1. Install DbDefence on a node.

2. Activate the DbDefence license.

3. Repeat for each node.

Database encryption with AlwaysOn High Availability

The following assumes that you have working database.

1. Install DbDefence on both nodes.

2. To encrypt the database, you need to temporarily remove it from HA group on the active node:

ALTER AVAILABILITY GROUP [TestGroup] REMOVE DATABASE [TestDB]

3. Encrypt the database on the active node.

4. Return the database to the HA group:

ALTER AVAILABILITY GROUP [TestGroup] ADD DATABASE [TestDB]

5. Failover to the second node. Manual failover requires SYNCHRONOUS_COMMIT mode. More about planned failover here.

6. Remove the database from HA group.

7. Encrypt the database.

8. Return the database to the HA group.

Database encryption with Failover cluster

1. Simply connect to the server and encrypt the database.