...

  • SQLSECU-2649: The Operating System Security Check no longer generates risks when the operating system matches the details.
  • SQLSECU-2648: Unauthorized Account Security Check is no longer displaying inconsistent results and details.
  • SQLSECU-2622, SQLSECU-2656: SQL Secure improved its performance, significantly decreasing report generation times.
  • SQLSECU-2486, SQLSECU-2066: Snapshot Comparison Report displays the correct Server Role when a difference is generated between snapshots.

...

  • Center for Internet Security (CIS) in 2008 and 2012.

  • Payment Card Industry Data Security Standard (PCI-DSS).

...

  • SQLSECU-720: This version of SQL Secure improves the execution time of the Snapshot Comparison Report, making it able to display large datasets.
  • SQLSECU-745: A timeout error is no longer displayed on the User Permissions Report when the report was running for 80+ databases. In addition, users can export the report to CSV format.
  • SQLSECU-1503: Users are now able to filter for specific databases in the Database Roles Report.
  • SQLSECU-1177: Increased Excel Report Export capability to support reports with more than 65,000 rows of data.
  • SQLSECU-750: This release improves Risk Assessment performance, which is now able to process policy information.
  • SQLSECU-1216: This release updates the console installation to use the existing repository.
  • SQLSECU-1329: Users can configure SMTP for the SQL Secure mail server.
  • SQLSECU-1501: Users can choose to monitor an Always On Availability Group by registering the listener or individual nodes. Take into account that there may be some gaps if you register using the listener.
  • SQLSECU-1522: Under Security Report Card, users are able to see Logins Information with Windows Accounts Details for the Suspect Logins Security Check.
  • SQLSECU-2055: The Integration Services Running security check is now updated depending on the integration service status.
  • SQLSECU-2053: The Details Reports for SQL Server 2000 show database roles and members, which were previously not available for this version.
  • SQLSECU-1542: Updated SQL Secure version for the deployed report target folder for SSRS reports.
  • SQLSECU-1765: Users need to restart the application to update the SQL Secure Repository Connection Status after adding a new license in the SQL Secure Manage License section.
  • SQLSECU-2022: SQL Secure now supports international date time format.

  • SQLSECU-2056: The Integration Services Login Account Not Acceptable Security Check is no longer showing incorrect data for Azure databases.

...

  • This release fixes an issue causing the SQL Secure Risk Assessment Comparison Report to show changes between snapshots when no changes actually occurred.
  • Users now can remove a server instance without first removing it from an assessment or draft. If any assessment data exists, the user is asked whether they want to remove the server from all active assessments as well. If Yes, the assessment is kept intact while the instance is deleted. If No, the server is removed from the assessment as well.
  • The SQL Server SYSADMIN Accounts security check now reports an accurate status instead of always reporting OK and not displaying any accounts. This metric did and continues to report correctly in a snapshot.
  • Resolved an issue that caused the following error while processing a security check when Database roles and members is enabled: "Error 515 encountered on line xxxx: Cannot insert the value NULL into column 'usertype', table '@DatabaseRoleUsers'; column does not allow nulls. INSERT fails."
  • This release fixes an error regarding SQL Server 2014 and SQL Server 2016 accounts in the Unauthorized Account security check. Previously, the Unauthorized Account security check for SQL Server 2014 initially reported, "No issues found." Then, when a SQL Server 2016 server was added, it listed the unauthorized accounts in the result. However, when going back to the SQL Server 2014 server, it displayed the same unauthorized account results that the SQL Server 2016 server revealed.
  • Resolved an issue causing the error message, "Cannot insert duplicate key in object 'dbo.<servername>'. The duplicate key value is (1281, 327). The statement has been terminated." when attempting to create a snapshot.
  • Changed the Unauthorized Account Check wording from, "Specify the unauthorized accounts," to "Specify the authorized accounts," in the description for the Criteria entry on the Policy Properties page and on the edit Values for Security Check window.
  • When a user registers a virtual server that is part of a failover cluster, the name now correctly resolves to the cluster name.
  • Resolved an issue with the Database roles and members and the Server roles and members security checks that caused metrics to provide details from other instances/databases.
  • The GUI on the final screen of the SQL Secure Setup Wizard was updated to resolve the cut-off content of the descriptive text.
  • The Launch SQL Secure Console is now enabled after a new installation or upgrade.
  • The uninstallation wizard is updated to no longer show an incorrect final window.
  • The copyright year is now correct throughout the product.
  • The descriptive text within the Row-Level Security check is changed from, "... is configured for specific databases ..." to, "... is configured for specific tables ...".
  • The descriptive text within the Dynamic Data Masking security check is changed from, "... is configured for specific databases ..." to, "... is configured for specific columns ...".

...

IDERA SQL Secure 3.1 offers cloud-specific capabilities for Azure-hosted SQL Server databases, including:

...

  • Access
    • Files on Drive Not Using NTFS. Updated to support ReFS for SQL Server 2016.
    • Supported Operating Systems. Removed support for Microsoft Windows 2003 and added support for Windows 2012, Windows 2012 R2, and Windows 2016.
    • SQL Jobs and Agent. Updated to flag any case where a proxy account is not in use.
    • Encryption Methods. Updated to flag any case where unsupported encryption methods are in use. Note that beginning with SQL Server 2016, all algorithms other than AES_128, AES_192, and AES_256 are deprecated.
    • Certificate private keys were never exported. Verifies that Certificate private keys are exported.
  • Configuration
    • Linked Server. Checks to see if there are linked servers, and then checks to see if the linked server is running as a member of the sysadmin group. Linked servers can lead to performance issues and running them using sysadmin privileges can leave a database vulnerable to corruption.
    • SQL Server Version. Checks to make sure a supported version of SQL Server is in use. Flags any case where an unsupported SQL Server version is in use.
    • Full-Text Search Service Running. Checks to make sure that this service is running on the selected instance.
    • Unauthorized Accounts Check. Updated to include checks for roles beyond sysadmin, including the Separation of Duties roles in SQL Server 2014 and the roles surrounding encryption for SQL Server 2016.
    • Other General Domain Accounts Check. Updated to include checks for general domain accounts such as domain Users, Everyone, and Authenticated Users added to the selected instance.
  • Surface
    • SQL Server Available for Browsing. Updated the name of this check to SQL Server Browser Running.

...

The list is populated based on the row where you click Any, i.e. if you click to select items from the Tables where row, the list displays only tables. To select more than one element at a time, press and hold the Shift key to click the first and last element in a series or press Ctrl and then click each element, not in a series. Click Add to move elements from the Available list to the Selected list. Click Remove to move elements from the Selected list to the Available list. Search functionality is also available in this dialog box. Note that you can use wildcards when entering a search string. For more information about using Filter Properties, see Edit filter settings.

...

The User Permissions, All User Permissions, and Database Roles reports now provide an option to view access at the user level within a group. The new Level field in the report filter allows you to select Member to display access results at the group (member) level or select User to display access results that show individual user account names within the group as well as whether the account is enabled. For more information about using reports within IDERA SQL Secure, see Report on SQL Server Security.

...

Clear the All Databases check box to enable the selection of one or more databases in the displayed list. To select more than one database at a time, press and hold the Shift key to click the first and last databases in a series or press Ctrl and then click each database, not in a series. For more information about using reports within IDERA SQL Secure, see Report on SQL Server Security.

...

  • IDERA SQL Secure now supports SQL Server 2014
  • IDERA SQL Secure now supports Always On Availability Groups
  • IDERA SQL Secure now allows you to install the SQL Secure Repository on a failover cluster. The installer provides an option to select the Cluster installation and specify a cluster node.
  • Policy Templates have been updated to use the latest versions of SQL Server and OS:
    • Updated to policy templates:
      • CIS v 2.0 for SQL Server 2005 (from version 1.2)
      • PCI-DSS v 3.0 Guidelines for SQL Server (from version 2.0)
      • HIPAA Guidelines for SQL Server - updated security checks as needed, e.g. Operating System Version
    • Added templates for:
      • CIS v1.1.0 for SQL Server 2008
      • CIS v1.0.0 for SQL Server 2012
      • MS Best Practices Analyzer for 2008
      • MS Best Practices Analyzer for 2012
  • This version updates to a granular process for exporting and importing policies, so that authorized SQL Logins can be excluded from exporting, and when imported the active settings for those checks remain unmodified.
  • The process for registering new SQL Server instances with IDERA SQL Secure now allows defining folders for file system permissions checks.
  • IDERA SQL Secure now supports Sequence Objects for SQL Server 2012.
  • IDERA SQL Secure supports users in contained databases for SQL Server 2012 and 2014.
  • IDERA SQL Secure now provides the following new Security Checks:
    • Security Check for SQL Server Integration Services (SSIS) to verify if any public or other unauthorized principals have been granted permission to use SSIS stored procedures.
    • Security Check added to level 1 and level 2 policy templates that show risk on systems where permissions have been granted to the public role on objects outside the sys schema in user databases.
    • Security Check: Unacceptable Database Ownership detects if a database is found with an unacceptable owner.
    • The Risk Assessment Report has been updated with nine new security checks.

2.8 Fixed issues

Phase-out IDERA SQL Secure Itanium support

IDERA is beginning to phase out all Itanium support in IDERA SQL Secure 2.6 and all subsequent 2.x versions. While 2.8 will continue to operate with Itanium and support is available, IDERA SQL Secure 3.0 will not support the Itanium processor architecture. For more information, see the product requirements.

...

SQL Secure no longer uses the default credentials of your SQL Server Agent to collect Operating System and SQL Server security information. If, in a previously installed version, SQL Secure was configured to use the default SQL Agent credentials to collect security information, a window will open when you first open SQL Secure 2.8, prompting you for new credentials.

...