Veeam Explorer for Microsoft SQL Server - TDE Inquiry

[richfromgot]

Hello

I am in the middle of testing TDE using testing databases in SQL Server before deciding to enable TDE on our production databases. I have tested Veeam B&R's(Using Veeam Explorer for Microsoft SQL Server) ability to backup and restore a TDE encrypted database successfully.

Architecture Overview:

Database server hosting production and test databases. VM hosting Veeam Backup & Replication on a separate App server which runs full backups of the production database server. Veeam Explorer for Microsoft SQL Server's feature to restore individual databases within my instance is fantastic.

My only concern is after reading this post : https://www.veeam.com/kb2006

Is there any additional configuration I should be concerned with, as far as certs for TDE, in my App server VM hosting Veeam B&R or is having the cert present in the database server enough? Seems so as the test PIT restore of a test database went through without issue. Do I have to configure the staging SQL server that Veeam Explorer for SQL Server uses to recognize this certificate?

Any guidance is appreciated.

[PetrM]

Hi Richard,

Actually, I don't think that you should be concerned with some additional configuration, especially taking into account the successful test restore. As it's stated in the KB, you should have a cert on the target SQL server or on the staging server so that it will be possible to read the encrypted database. You need to configure the staging server only if you need to export data or use fine-tune restore, you may refer to this page in order to find more details regarding the staging server.

Thanks!