Page History
...
Warning |
---|
IDERA, Inc. customers are solely responsible for ensuring compliance with the laws and standards affecting their business. IDERA, Inc. does not represent that its products or services ensure that customer is in compliance with any law. It is the responsibility of the customer to obtain legal, accounting, or audit counsel as to the necessary business practices and actions to comply with such laws. |
6.
...
4 New Features
...
Quality Enhancements
Anchor | ||
---|---|---|
|
...
|
...
|
SQL Compliance Manager version 6.3 release delivers security permissions based on the least privilege principle (as opposed to permissions based on standard user roles such as sysadmin) to further enhance the data security per user within the product.
6.3 Fixed Issues
.4 brings significant updates, including adherence to the latest DISA STIGs compliance. Addressing the recent implementations made to the Security Technical Implementation Guide (STIG), which is a set of guidelines from the Department of Defense's (DoD) Defense Information Systems Agency (DISA) to help secure software and information systems.
STIGs are based on DoD policy and security controls to help developers configure hardware and software and implement security protocols. This crucial enhancement keeps you informed and up-to-date with the latest security guidelines.
The following is a subset of DISA STIGs implemented for the SQL CM 6.4 release.
- SQL6-D0-011800 - enforcement of access restrictions.
- SQL6-D0-014900 - records of privileged activities.
- SQL6-D0-015000 - unsuccessful attempts to execute privileged activities.
- SQL6-D0-015100 - starting/ending time of user access.
- SQL6-D0-014200 - successful/unsuccessful attempts to delete privileges.
- SQL6-D0-013600 - unsuccessful attempts to modify privileges
Anchor SQLCM-6883 SQLCM-6883 Fixed an issue where DDL events were not being captured for server-level privilege users configured through a domain group.Anchor SQLCM-6364 SQLCM-6364 Resolved the issue where the Regulatory Compliance Check report was showing "No" at server-level for PCI DSS guideline.Anchor SQLCM-6860 SQLCM-6860 Fixed an issue where the IP Address Auditing checkbox was unchecked after importing an exported audit setting file.
Anchor SQLCM-6855 SQLCM-6855 Addressed an issue with Audit Events not appearing on SQLCM console when CM repo was hosted on a Case Sensitive SQL instance.Anchor SQLCM-6816 SQLCM-6816 Solved the issue of multiple alerts being logged for a single event.- The number of Data and Event alerts is consistent with the number of audit events generated.
- The email alerts have been improved with the appropriate event description.
Anchor SQLCM-6887 SQLCM-6887 Fixed an issue with random disappearance of databases from the audited database list.
For more information about new features and fixed issues in version 6.23, see Previous new features and fixed issues.
...