Page History
...
Warning |
---|
IDERA, Inc. customers have the sole responsibility to ensure their are solely responsible for ensuring compliance with the laws and standards affecting their business. IDERA, Inc. does not represent that its products or services ensures ensure that customer is in compliance with any law. It is the responsibility of the customer to obtain legal, accounting, or audit counsel as to the necessary business practices and actions to comply with such laws. |
...
6.
...
2 New Features
General
Capture Logout Events
Currently SQL Compliance Manager captures Logins and Failed Logins, with SQL CM version 5.6 users have the ability to capture Logouts as a separate tracking option for their registered servers and for their configured Server Level Privileged Users.
Default Audit Configuration Settings
SQL Compliance Manager provides users with the capability to set up a single Server default setting and a single Database default setting. Allowing users to set up newly added Servers and Databases with their exact desired settings. Users also have the ability to apply those default settings to already registered Servers and Databases. By default, SQL CM provides users with the Idera Default Settings, which are a set of basic settings to help users start auditing from the moment a Server is registered. For more information about this feature, see Default Audit Settings
Add Databases Automatically
SQL Compliance Manager version 5.6 provides users with the ability to enable their Server Instances to automatically add any new database that is created on an audited server. For more information about this feature, see Registered SQL Server Properties - Advanced tab.
Configurations Clarifications
Compliance Manager version 5.6 improved the configurations setting to help users have a clear understanding of what is being audited at Server level and what is being audited at Database level. With the implementation of a new logic that shows items checked and unavailable for deselection at the Database level since those items are already selected at the Server level.
Info |
---|
Please note that it is possible that with the setting inheritance you may collect more data, to avoid doing so, please review your settings to ensure that all items all collected as you expect. |
Server Level Trusted Users
SQL Compliance Manager version 5.6 allows users to configure Trusted Users at Server level. Trusted Users designated at Server level will apply across all databases in the selected server, giving users a greater control over who is monitored at what level. For more information, see Trusted Users at Server level.
Sensitive Columns Auditing
SQL Compliance Manager version 5.6 updated the Sensitive Column functionality in order to alert users if PII data is selected or altered. To know if such data has been accessed, users can choose to collect information for Select Only, Selects and DML or for All Activity.
Web Console Updates
SQL Compliance Manager version 5.6 removed all the configuration settings from the Web Console, to help users have a greater control over who can change audit data while still allowing granted users to view the information being audited. Centralizing the setting configurations to the Desktop Console only, makes the Web Console a place where Auditors and Executives can easily use Reports and Alerts to see the information that they need to see.
...
SQL Compliance Manager version 5.6 includes a new Log file that keeps track of the product ́s versions and upgrades. The new Log file, found in the SQL CM installation folder, help users track the timelines for upgrade versions.
...
SQL Compliance Manager version 5.6 provides users with the ability to register a non-sysadmin role with permission to run the Compliance Manager Agent and permission to access the trace files.
...
Quality Enhancements
Anchor | ||||
---|---|---|---|---|
|
SQL Compliance Manager 6.2 improved to determine if an Alert Rule has been configured as 'Email Notification' or 'Email Summary Notification', users no longer are required to edit the alert rule. The rule description has been enhanced to make it convenient to distinguish between the two without the need for alert rule modifications.
Anchor | ||||
---|---|---|---|---|
|
SQL Compliance Manager 6.2 upgraded to provide a CLI command line for registering a server, grooming, archiving, and verifying audit data integrity - version 6.2 is now augmented with CLI for enabling and disabling auditing servers.
Anchor | ||||
---|---|---|---|---|
|
SQL Compliance Manager 6.2 improved and added the number of rows at the end of the reports to ease access to the information contained in each report.
Security Enhancements
Anchor | ||||
---|---|---|---|---|
|
SQL Compliance Manager 6.2 enhanced security by deploying a strong Advanced Encryption Standard (AES) algorithm to meet the latest high standards of our large enterprise customers. The Advanced Encryption Standard (AES) is an algorithm that uses the same key to encrypt and decrypt protected data. Instead of a single round of encryption, data is put through several rounds of substitution, transposition, and mixing to make it harder to compromise.
6.2 Fixed Issues
-
DDL, DML, and DROP events are correctly shown in the "Audit Events" tab after performing the DDL action on the "Sensitive Column" when using the "via Audit Logs" collection method.Anchor SQLCM-6748 SQLCM-6748 -
Audit events for "insert" are accurately being recorded for Sensitive columns with "select and DML activity" enabled.Anchor SQLCM-6728 SQLCM-6728 -
Resolved the issue where Trace events were not being correctly captured for "delete from <table>" audit events when sensitive columns with "select and DML activity" were configured.Anchor SQLCM-6729 SQLCM-6729
-
Fixed an issue where the number of Logout events captured was significantly more than the number of Login events.Anchor SQLCM-6403 SQLCM-6403 -
Resolved the issue where a warning message was displayed in the Event Viewer after execution of the trace file out to the collection Server for processing.Anchor SQLCM-6539 SQLCM-6539 -
Fixed an issue where the "Delete" DML events were shown twice after executing a single "Delete" query on the "Sensitive Columns" table when "Trace" or "Audit Logs" collection methods were used.Anchor SQLCM-6773 SQLCM-6773 -
Resolved the issue where the events table integrity check did not detect changes done on hash columns.Anchor SQLCM-6769 SQLCM-6769 -
The “SQL Statement” content is correctly displayed in the “Event Properties” after executing the DDL query if the “via SQL server Audit specification” is used.Anchor SQLCM-6750 SQLCM-6750
-
Resolved the issue where the "+" icon was missing for the DDL column-sensitive event in the "Audit Events" tab.Anchor SQLCM-6749 SQLCM-6749 -
Addressed an issue where the layout was broken for reports downloaded in PDF and TIF formats.Anchor SQLCM-6721 SQLCM-6721 -
Resolved an issue where Events were not captured as expected with Extended Events and SELECT auditing was enabled.Anchor SQLCM-6697 SQLCM-6697 -
Fixed the issue where the Bin file was not getting updated for the Privileged User set up through a domain group at the server level.Anchor SQLCM-6671 SQLCM-6671 -
Resolved an issue where "Unknown Publisher" was displayed in the "User Account Control" when installing SQLCM.Anchor SQLCM-6629 SQLCM-6629 -
Addressed an issue where an error message would come up when trying to import audit settingsAnchor SQLCM-6664 SQLCM-6664
SQL Compliance Manager version 5.6 added the option to adjust the number of threads that can be used to process trace files at a time.
Regulatory Guidelines
GDPR Regulation
SQL Compliance Manager version 5.6 added the General Data Protection Regulation (GDPR) guideline to the selectable list of regulatory guidelines, providing users with the option to select GDPR guideline and comply with their auditing needs. For more information about this feature, see Comply with Specific Regulations.
Reports
Configuration Check Report
SQL Compliance Manager version 5.6 implemented the Configuration Check Report, which allows users to compare the settings configured on the registered servers and databases with the previously defined default settings. This report allows users to quickly identify where settings may vary from what is defined as the default settings as well as to identify the differences in the configurations across your registered servers and databases. For more information about this feature, see Available Reports.
Regulation Compliance Check Report
SQL Compliance Manager version 5.6 implemented the Regulation Compliance Check Report, which allows users to review the configurations set for all registered servers and databases and determine if settings comply with the selected Regulatory Guideline. This report compares the server and database configured settings to the predefined settings for any IDERA supported Regulation Guideline. For more information about this feature, see Available Reports.
5.6 Fixed Issues
Installation and Configuration issues
Anchor SQLCM-5526 SQLCM-5526 SQL Compliance Manager version 5.6 resolved the issue where the Compliance Manager Windows Console rebooted after installing or upgrading the SQL Server 2012 Native client version.Anchor SQLCM-3040 SQLCM-3040 Resolved an issue where SQL Compliance Manager recorded Create/Drop index events as “Alter User Table” events.Anchor SQLCM-5421 SQLCM-5421 SQL Compliance Manager version 5.6 implemented updates in the Sensitive Column functionality which resolved the issue where Sensitive Column events were not displayed if accessed from a view.Anchor SQLCM-5100 SQLCM-5100 Resolved an issue where SQL Compliance Manager was not capturing BAD auditing information when two objects with the same name exist in the same schema.Anchor SQLCM-5317 SQLCM-5317 SQL Compliance Manager version 5.6 resolved the issue where SQL Statements for DDL activities was not getting captured.Anchor SQLCM-3773 SQLCM-3773 SQL Compliance Manager version 5.6 resolved the issue which did not allow users to remove a database from the Administration pane.Anchor SQLCM-4963/4974 SQLCM-4963/4974 Resolved an issue where users were able to register active audited databases to archived SQL Servers.Anchor SQLCM-5239 SQLCM-5239 Resolved an issue where the Capture SQL statements for DDL activities and Security Changes option could not be selected unless the Database Definition (DDL) option was saved first.Anchor SQLCM-5104 SQLCM-5104 Resolved the issue where no events got captured for traces performed by non-privileged users.Anchor SQLCM-5281 SQLCM-5281 Resolved the issue where using encrypted credentials to deploy SQL Compliance Manager performing a silent installation returned an authentication error message.Anchor SQLCM-5229 SQLCM-5229 Resolved the issue where SQL Compliance Manager was not able to process alerts when a Group of users is set as a Privileged User.
For more information about new features and fixed issues in versions 5.5.x, see version 6.1, see Previous new features and fixed issues.
...