Page History
IDERA IDERA SQL Secure provides the following new features and fixed issues.
...
4.
...
4 New features
Anchor SQLSECU-
...
2907 SQLSECU-
...
IDERA SQL Secure 3.2 includes the following New Security Templates:
Center for Internet Security (CIS) for SQL Server 2008 R2, 2014, and 2016.
Defense Information Systems Agency (DISA) & National Institute of Standards and Technology (NIST) for SQL Server 2012 and 2014.
- Sarbanes-Oxley Act, Section 404 (SOX 404).
- North American Electric Reliability Corporation (NERC).
...
On this release IDERA SQL Secure updates the following Security templates:
Center for Internet Security (CIS) 2008 and 2012.
Payment Card Industry Data Security Standard (PCI-DSS).
...
IDERA SQL Secure 3.2 adds the following configuration checks:
Hidden Instance Option is Set
Auto Close Set for Contained Databases
Max Number of Concurrent Sessions
Backups Must Be in Compliance with RTO and RPO Requirements
Shutdown SQL Server on Trace Failure
Ad Hoc Distributed Queries Enabled
...
IDERA SQL Secure 3.2 adds the following access checks:
- Asymmetric Key Size
- Database Master Key Encrypted by Service Master Key
- SQL Server Database Level Encryption
- Appropriate Cryptographic Modules Have Been Used to Encrypt Data
- Database Master Keys Encrypted by Password
- Symmetric Keys Not Encrypted with a Certificate
- Implement Cell Level Encryption
...
IDERA SQL Secure 3.2 adds the following auditing checks:
- SQL Server Audit is Configured for Logins
- DISA Audit Configuration
Implement Change Data Capture
...
IDERA SQL Secure 3.2 adds the following login checks:
- SQL Logins Not Using Must Change
...
IDERA SQL Secure 3.2 adds the following permissions checks:
Limit propagation of access rights
- Direct access permissions
...
IDERA SQL Secure 3.2 now supports the repository and a monitored server of SQL Server 2017 on Windows.
3.2 Fixed issues
...
The Snapshot Comparison report settings now include a checkbox that allows the report to show the object comparison based on:2907 - Current logic.
- Updated logic to ignore restored objects that are identical to the previous snapshot.
The Snapshot Comparison report now shows a more detailed view of the user level access changes that occurred between two different snapshots.Anchor SQLSECU-2190 SQLSECU-2190
4.4 Fixed issues
The Snapshot May Be Missing Data security check was incorrectly reported for SQL Server 2016 and SQL Server 2017. This is now fixed.Anchor SQLSECU-2799 SQLSECU-2799
...
Scroll pdf ignore | |||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
|