Azure SQL Database Managed Instance (Part 1 - Overview)



Azure SQL Database Managed Instance (preview) is a new capability of Azure SQL Database. It provides near 100% compatibility with on-premises SQL Server and a native virtual network (VNet) implementation that addresses common security concerns. Existing SQL Server customers can lift and shift their on-premises applications to the cloud with minimal database changes while preserving all PaaS capabilities.

Key features and capabilities of Managed Instance:

PaaS benefits

    • No hardware purchasing and management
    • No management overhead for managing underlying infrastructure
    • Quick provisioning and service scaling
    • Automated patching and version upgrade
    • Integration with other PaaS data services

Business continuity

    • 99.99% uptime SLA
    • Built-in high availability
    • Data protected with automated backups
    • Customer configurable backup retention period (fixed to 7 days in Public Preview)
    • User-initiated backups
    • Point-in-time database restore capability

Security and compliance

    • Isolated environment (VNet integration, single-tenant service, dedicated compute and storage)
    • Encryption of the data in transit
    • Azure AD authentication, single sign-on support
    • Adheres to the same compliance standards as Azure SQL Database
    • SQL auditing
    • Threat detection

Management

    • Azure Resource Manager API for automating service provisioning and scaling
    • Azure portal functionality for manual service provisioning and scaling
    • Data Migration Service

Advanced security and compliance

    • Managed Instance security isolation: Includes a native virtual network implementation; connectivity to the on-premises environment using Azure ExpressRoute or VPN Gateway; a SQL endpoint exposed only through a private IP address; and single-tenant, dedicated underlying infrastructure.
    • Auditing for compliance and security: Tracks and writes database events to an audit log in Azure.
    • Data encryption in motion: Secures data by providing encryption using Transport Layer Security.
    • Dynamic data masking: Limits sensitive data exposure by masking it to nonprivileged users.
    • Row-level security: Controls access to rows based on characteristics of the user.
    • Threat detection: Provides an additional layer of security intelligence that detects unusual behaviour.
    • Azure Active Directory and multi-factor authentication: Centrally manages user identity with AAD integration.
