Page History
...
Warning |
---|
IDERA, Inc. customers have the sole responsibility to ensure their are solely responsible for ensuring compliance with the laws and standards affecting their business. IDERA, Inc. does not represent that its products or services ensures ensure that customer is in compliance with any law. It is the responsibility of the customer to obtain legal, accounting, or audit counsel as to the necessary business practices and actions to comply with such laws. |
...
6.
...
2 New Features
Quality Enhancements
Anchor | ||
---|---|---|
|
...
|
...
|
...
IDERA SQL Compliance Manager 5.5 includes updates on PCI DSS and HIPAA regulation guidelines templates. It also includes new sets of regulation guidelines, allowing users to perform data audits according the corresponding security rules.
The new regulation guidelines are the following:
- Defense Information Security Agency (DISA STIG)
- North American Electric Reliability Corporation (NERC)
- Center for Internet Security (CIS)
- Sarbanes-Oxley Act (SOX)
- Family Educational Rights and Privacy Act (FERPA)
For more information about this feature, see Comply with specific Regulations.
Auditing available via SQL Server Audit Logs
IDERA SQL Compliance Manager 5.5 includes the ability to track your alerts via SQL Server Audit Logs for Agents running on SQL Server 2017 or above. Users can now decide if they want to track events via Trace Files, Extended Events (SQL Server 2015 and above) or Audit Logs (SQL Server 2017 or above). This new feature is supported in both the Web console and the Windows Management Console.
For more information about this feature, see Using SQL Server Audit Logs6.2 improved to determine if an Alert Rule has been configured as 'Email Notification' or 'Email Summary Notification', users no longer are required to edit the alert rule. The rule description has been enhanced to make it convenient to distinguish between the two without the need for alert rule modifications.
Anchor | ||
---|---|---|
|
...
|
...
|
...
IDERA SQL Compliance Manager 5.5 includes the row count feature which captures and reports on the frequency that users access Event types and SQL Statements, alerting database administrators about suspicious behavior.
...
For more information about this feature, see Control data access - Row count.
Enable SQL Extended Events Auditing from the Windows Management Console
SQL Extended Events auditing can now be enabled from both the Web Console and the Windows Management Console.
For more information about this feature, see Using SQL Server Extended Events.
...
IDERA SQL Compliance Manager 5.5 now supports installation of the Database Repository for Collection Server, deployment of the SQL Compliance Manager Agent, and auditing events for SQL Server 2017.
For more information, see Software requirements.
...
The user can install IDERA SQL Compliance Manager 5.5 and deploy the SQL Compliance Manager Agent in Windows Server 2016.
For more information, see Software requirements.
...
IDERA SQL Compliance Manager 5.5 allows users to create Sensitive Column data sets that can be monitored as a group of sensitive information. Users can also add Sensitive Column data sets to any regulation guideline applied in servers or databases.
For more information, see Sensitive Column window.
...
IDERA SQL Compliance Manager 5.5 allows users to add Host Name, Login, and Before-After data values to the alert message templates.
Agent Deployment method
IDERA SQL Compliance Manager 5.5 allows users to see the agent deployment method in the Registered SQL Servers window of the Administration view.
...
IDERA SQL Compliance Manager 5.5 allows users to install and/or upgrade in a non default drive path.
5.5 Fixed issues
Administration issues
...
6.2 upgraded to provide a CLI command line for registering a server, grooming, archiving, and verifying audit data integrity - version 6.2 is now augmented with CLI for enabling and disabling auditing servers.
Anchor | ||||
---|---|---|---|---|
|
SQL Compliance Manager 6.2 improved and added the number of rows at the end of the reports to ease access to the information contained in each report.
Security Enhancements
Anchor | ||||
---|---|---|---|---|
|
SQL Compliance Manager 6.2 enhanced security by deploying a strong Advanced Encryption Standard (AES) algorithm to meet the latest high standards of our large enterprise customers. The Advanced Encryption Standard (AES) is an algorithm that uses the same key to encrypt and decrypt protected data. Instead of a single round of encryption, data is put through several rounds of substitution, transposition, and mixing to make it harder to compromise.
6.2 Fixed Issues
-
DDL, DML, and DROP events are correctly shown in the "Audit Events" tab after performing the DDL action on the "Sensitive Column" when using the "via Audit Logs" collection method.Anchor SQLCM-6748 SQLCM-6748 -
Audit events for "insert" are accurately being recorded for Sensitive columns with "select and DML activity" enabled.Anchor SQLCM-6728 SQLCM-6728 -
Resolved the issue where Trace events were not being correctly captured for "delete from <table>" audit events when sensitive columns with "select and DML activity" were configured.Anchor SQLCM-6729 SQLCM-6729
-
Fixed an issue where the number of Logout events captured was significantly more than the number of Login events.Anchor SQLCM-6403 SQLCM-6403 -
Resolved the issue where a warning message was displayed in the Event Viewer after execution of the trace file out to the collection Server for processing.Anchor SQLCM-6539 SQLCM-6539 -
Fixed an issue where the "Delete" DML events were shown twice after executing a single "Delete" query on the "Sensitive Columns" table when "Trace" or "Audit Logs" collection methods were used.Anchor SQLCM-6773 SQLCM-6773 -
Resolved the issue where the events table integrity check did not detect changes done on hash columns.Anchor SQLCM-6769 SQLCM-6769 -
The “SQL Statement” content is correctly displayed in the “Event Properties” after executing the DDL query if the “via SQL server Audit specification” is used.Anchor SQLCM-6750 SQLCM-6750
-
Resolved the issue where the "+" icon was missing for the DDL column-sensitive event in the "Audit Events" tab.Anchor SQLCM-6749 SQLCM-6749 -
Addressed an issue where the layout was broken for reports downloaded in PDF and TIF formats.Anchor SQLCM-6721 SQLCM-6721 -
Resolved an issue where Events were not captured as expected with Extended Events and SELECT auditing was enabled.Anchor SQLCM-6697 SQLCM-6697 -
Fixed the issue where the Bin file was not getting updated for the Privileged User set up through a domain group at the server level.Anchor SQLCM-6671 SQLCM-6671 -
Resolved an issue where "Unknown Publisher" was displayed in the "User Account Control" when installing SQLCM.Anchor SQLCM-6629 SQLCM-6629 -
Addressed an issue where an error message would come up when trying to import audit settings.Anchor SQLCM-6664 SQLCM-6664
For more information about new features and fixed issues in version 6.1, see Previous new features and fixed issues.
...
Auditing issues
...
Reporting issues
...
Scroll pdf ignore | ||
---|---|---|
SQL Compliance Manager audits all activity on your server. Learn more > > |
Scroll Pagebreak |
---|