Page History
...
IDERA SQL Secure 3.0 includes multiple additions and modifications to the existing Security Checks in the Risk Assessment report. These new checks include:
- Access
- Files on Drive Using Not Using NTFS. Updated to support ReFS for SQL Server 2016.
- Supported Operating Systems. Removed support for Microsoft Windows 2003 and added support for Windows 2012, Windows 2012 R2, and Windows 2016.
- SQL Jobs and Agent. Updated to flag any case where a proxy account is not in use.
- Encryption Methods. Updated to flag any case where unsupported encryption methods are in use. Note that beginning with SQL Server 2016, all algorithms other than AES_128, AES_192, and AES_256 are deprecated.
- Certificate private keys were never exported. Verifies that Certificate private keys are exported.
- Configuration
- Linked Server. Checks to see if there are linked servers, and then checks to see if the linked server is running as a member of the sysadmin group. Linked servers can lead to performance issues and running them using sysadmin privileges can leave a database vulnerable to corruption.
- SQL Server Version. Checks to make sure a supported version of SQL Server is in use. Flags any case where an unsupported SQL Server version is in use.
- Full Text Search Service Running. Checks to make sure that this service is running on the selected instance.
- Unauthorized Accounts Check. Updated to include checks for roles beyond sysadmin, including the Separation of Duties roles in SQL Server 2014 and the roles surrounding encryption for SQL Server 2016.
- Other General Domain Accounts Check. Update to include checks for general domain accounts such as domain Users, Everyone, and Authenticated Users added to the selected instance.
- Surface
- SQL Server Available for Browsing. Updated the name of this check to SQL Server Browser Running.
For more information about using reports within IDERA SQL Secure, see Report on SQL Server Security.
3.0 Fixed issues
The following issues are fixed in IDERA SQL Secure:
Resolved an issue that occurred when trying to register a SQL Server instance, which is clustered and using AlwaysOn Availability Groups. The system tried to register the Cluster Server Name instead of the SQL Server Instance Name.Anchor SQLSECU-727 SQLSECU-727
Resolved an issue that caused SQL Server administrator accounts to show sysadmin accounts for other servers in the Server Security Report Card.Anchor SQLSECU-728 SQLSECU-728
IDERA SQL Secure no longer incorrectly pulls database role information from SQL Server 2000 databases.Anchor SQLSECU-719 SQLSECU-719
Users no longer receive false warning messages when running a snapshot.Anchor SQLSECU-1173 SQLSECU-1173
Resolved an issue that caused the system to display authorized accounts as unauthorized when a wildcard was included in the list of authorized accounts in Unauthorized Accounts Are Sysadmins.Anchor SQLSECU-725 SQLSECU-725
...
...
Website | Products | Buy | Support | Community | About Us | Resources | Legal