If you attended my session this morning, thank you!  It's always flattering when people are willing to wake up before 8:00 a.m. just so that they can hear a talk about SQL Server.  I had a great time doing the talk, and I think it went well.  My sincerest apologies to the person I accidentally hit in the head with the t-shirt; I ...

For some reason, the title of this blog post makes me grin because it evokes a mental image of one guy trying to comically strangle another guy.  But I digress…   Speaking at a user group meeting recently, an attendee asked whether the mirroring process had any capability to speed up or slow down its workload according to the amount of ...

If you're well-versed in using PerfMon, I'd like to hear about the counters that you use regularly and what constitutes a good or bad value.  However, it's a rare individual who knows their way around PerfMon and its multitude of performance objects and counters.  Which ones should you track?  And even if you know the ...

I guess that many people using UPDATE … FROM on a daily basis do so without being aware that they are violating all SQL standards.   All versions of the ANSI SQL standard that I checked agree that an UPDATE statement has three clauses – the UPDATE clause, naming the table to be updated; the SET clause, specifying the columns to change and ...

What does it mean if you see a high percentage of signal waits? Thanks to Microsoft whitepapers, presentations, and blogs, everybody would say it implies CPU pressure.   Well, almost everyone except Mario Broodbakker, whose excellent blog “Taking the guesswork out of SQL Server performance profiling Part 2” shows us that SQL Server signal ...

A frequently asked question is what counters should be included in a SQL Server baseline. The discussion then quickly proceeds to define a set of perfmon counters to be logged as the performance baseline. And often, people seem to have an urge to try to reduce the baseline to a small number of perfmon counters that may cover processors, memory, ...

To many, this is an old and tired topic, and any more mention of ad hoc queries versus parameterized queries may just send someone off the deep end.   But recently I was doing some Oracle benchmarks, and the benchmark tool reported ~1,200 transactions per second. A transaction in this case was a simple SELECT with a join on the indexed ...

Remember the How Is Your Sensitive Data Encrypted In The Database? post I wrote a while back? A colleague just informed me that he got a letter from that same datacenter. The letter states that his personal data was on one of those servers which got stolen. I told him that this is the reason we encrypt our data and also why we encrypt outside ...

Microsoft publishes a list of so-called Common Engineering Criteria that its products should be compliant with. And this list is updated every year to keep up with the new technology and business development. Among the new criteria added this year, the following caught my eyes: Safe for Image-based Deployment With the increased ...

Brian Kelly on his blog mentiones a whitepaper by Cesar Cerrudo: Data0: Next generation malware for stealing databases. This whitepaper describes how malware could be crafted to steal information out of databases. The attack will use the following techniques: Discovery Exploitation Escalate Privileges (if necessary) Cover ...