Page History

This build of IDERA SQL Compliance Manager includes many fixed issues, including the following updates.

5.3.1 New feature

Supports SQL Server 2016

IDERA SQL Compliance Manager 5.3.1 and later support audited and collection servers using Microsoft SQL Server 2016. For more information about supported platforms, see Software requirements.

5.3.1 Fixed issues

There are no fixed issues in this release.

5.3 New features

Expanded the SQL Compliance Manager Web console to provide a richer set of capabilities online

IDERA SQL Compliance Manager 5.3 continues to build on the work developed by prior versions to bring a richer set of capabilities to the web console. New web capabilities include:

• an ability to set up notifications for auditing thresholds; allowing a user to set up a threshold and select the delivery method such as email, Windows event log, or SNMP traps.
• additional views such as the Enhanced Audited Database, Enhanced Alert, and New Logs views.
• the ability to export views to PDF, CSV, and XML formats.
• additional new widgets that show different activities and audited SQL Server instances.

Integration with IDERA Dashboard 2.2

IDERA Dashboard integration began with SQL Compliance Manager 5.0, which centralizes the common administration, tasks, and views across all IDERA SQL products. This release of SQL Compliance Manager expands this integration by supporting IDERA Dashboard 2.2, which includes the following widgets specific to SQL Compliance Manager:

• SQL Compliance Manager Audited Instances Widget. Displays a list of audited SQL Server instances.
• SQL Compliance Manager Enterprise Activity Report Card. Displays your SQL Compliance Manager enterprise activity in a line graph.

For more information about using SQL Compliance Manager widgets within the IDERA Dashboard, see Use SQL Compliance Manager widgets in the IDERA Dashboard.

Limited Support for SQL Server 2016

IDERA supports installation of SQL Compliance Manager 5.3 on Microsoft SQL Server 2016 with limited technical support. Full technical support is available a short period after SQL Server 2016 is generally available.

5.3 Fixed issues

General

• Anchor
  DE19332, SQLCM-2522 DE19332, SQLCM-2522

  Resolved an issue that did not properly update group permissions after modification and honored group settings over the individual user account in some situations.

• Anchor
  DE43232, SQLCM-2352 DE43232, SQLCM-2352

  Improved Permissions Check functionality to prevent false or inconsistent results.

Installation

• Anchor
  US16650, SQLCM-540 US16650, SQLCM-540

  Renamed the SQL Compliance Processing database from SQLCompliance.Processing to SQLComplianceProcessing.

• Anchor
  DE43945, SQLCM-2333 DE43945, SQLCM-2333

  Corrected an issue preventing the ... button from properly working in the Add SQLcompliance Agent Service window on Windows 2012/2012 R2 installations.

Licensing

• Anchor
  DE46199, SQLCM-2165 DE46199, SQLCM-2165

  Resolved an issue causing users with AlwaysOn Availability Groups to receive a message that the maximum number of servers is reached while they actually had less than that limit.

Services

• Anchor
  DE44606, DE44676, DE41432, SQLCM-2313, SQLCM-2448, SQLCM-2345, SQLCM-2322 DE44606, DE44676, DE41432, SQLCM-2313, SQLCM-2448, SQLCM-2345, SQLCM-2322

  Improved the Collection Service performance to be able to process a substantially large number of trace files.

Auditing

• Anchor
  DE43812, SQLCM-2344 DE43812, SQLCM-2344

  SQL Compliance Manager now can log events that are accessed through a view.

• Anchor
  DE44527, SQLCM-2316 DE44527, SQLCM-2316

  Sensitive column traces no longer include events from databases not configured for sensitive column auditing.

• Anchor
  DE44679, SQLCM-2312 DE44679, SQLCM-2312

  Resolved an issue that prevented SQL Compliance Manager from discovering and auditing new users added to the list of Trusted Users / Privileged Users within a domain group without manually updating the audit settings.

• Anchor
  DE46329, SQLCM-2162 DE46329, SQLCM-2162

  Exported audit settings now include database level privileged users.

5.0 New features

Fully supports the SQL Server AlwaysOn Availability Groups feature

...

• Active Trace is now properly cleared when necessary.
• A change to the SQL Compliance Manager login filter settings from minutes to seconds fixes an issue that allowed new user events such as failed login attempts to be missed in reports.
• Reports now are viewable in .CSV format.
• SQL Compliance Manager 5.0 includes an update that clarifies alert email triggers when users to have two alert rules for Sensitive Columns.
• SQL Compliance Manager no longer displays conflicting data by including a fix that forces the collection of object names while processing trace file records.
• Normal user accounts are no longer able to capture SQL text used in admin activities without enabling additional options.
• When you have multiple columns selected for a particular table in Before-After Data (BAD), SQL Compliance Manager no longer labels events that update other columns as BAD events.
• SQL Compliance Manager now includes descriptions for ALTER ANY SCHEMA and ALTER ANY USER in the tracejob.cs file.
• The permissions check process is updated in SQL Compliance Manager 5.0 to avoid any issues when performing a check.
• Event types 158 and 258 now include expanded details that display when these types of events occur.
• SQL Compliance Manager Integrity Check now properly tracks and reports on deleted rows.

4.5 New features

Supports SQL Server 2014

SQL Compliance Manager supports the use of SQL Server 2014. Note that SQL Compliance Manager requires the repository of the SQL Server version to be greater than or equal to the highest audited version, meaning that if you want to audit SQL Server 2012 and 2014 instances, your repository must be on SQL Server 2014 to support the highest version on your instances.

Supports Windows Server 2012 cluster deployment

This version of SQL Compliance Manager allows you to install in a Windows Server 2012 clustered environment. For more information about this feature, see Deploy SQL Compliance Manager in a Windows Server 2012 clustered environment.

Audit the local SQL Server instance running the Collection Server on a cluster

SQL Compliance Manager allows you to audit a virtual SQL Server instance including the local instance on a cluster running the Collection Server. For more information about auditing a virtual SQL Server instance, see Audit a virtual SQL Server instance.

Schedule automatic archives

SQL Compliance Manager now allows you to schedule automatic archiving. You can select from daily, weekly, or monthly options. This feature is disabled by default. You can enable this feature and manage these settings in the Archive Preferences window.

Specify archive database drive

...

• .

...

Users now can select to receive alerts as SNMP Trap messages to a specified destination network management console. For more information about creating a new event rule to includes SNMP Traps, see New Event Alert Rule wizard - Alert Actions tab.

Before-After data values display NULL when there is no value

After collecting data, if there is no before or after data available, SQL Compliance Manager displays "NULL" in the Before Value and After Value columns of the Event Properties window. For more information about Before-After data, see Audited Database Properties window - Before-After Data tab.

Supports PCI DSS v3

SQL Compliance Manager now supports Payment Card Industry Data Security Standard (PCI DSS) v3.0.

Improved table compression

The data type is changed in a number of highly-utilized tables from NTEXT to VARCHAR in an attempt to improve data compression.

Improved installation process

The SQL Compliance Manager installer now checks the permissions on the trace directory and the IDERA folders to ensure that the service account is appropriately added with full control permissions for processing.

Improved database usage regarding failed inserts

SQL Compliance Manager includes new code that allows it to reuse event IDs in the event of a failed data insert.

4.5 Fixed issues

• SQL Compliance Manager includes new code regarding the threading library, making sure that all files in the trace directory are successfully processed. This fixes an issue that caused large trace file backlogs in the Collection Server.
• The Administrative Activities Audit Option no longer re-enables automatically after disabled.
• Users no longer receive an error when processing the trace file due to a limited column size in the table associated with Before-After Data.
• Users upgrading from SQL Compliance Manager 3.7 to 4.3 no longer receive numerous file parsing errors.
• This release fixes an issue causing incorrect dates to appear if you have SELECT and Sensitive Columns enabled in the Audited Database Properties window. Previously, if the Database SELECT operations check box on the Audited Activities tab, and the Sensitive Columns tab includes All Columns of the dbo.Customers table, the dates in the summary for the associated SQL Server instance were incorrect.
• An issue that prevented new SQL Compliance Manager Agent files from processing after adding a second node to a clustered repository no longer occurs.
• All failed integrity checks now includes specific events in the Details area of the Integrity Check Results window.
• Users no longer experience missing registry keys after re-adding monitored SQL Server instances.
• Adding an audited database to a monitored SQL Server instance no longer returns the server settings to default.
• Providing read-only access to the SQLcompliance database no longer requires that the GUEST account be enabled.

4.3 New features

SQL Compliance Manager 4.3 now offers a Collection Server-only install

SQL Compliance Manager 4.3 now allows you to install the Collection Server and Repository only to support installing SQL Compliance Manager on a cluster.

4.3 Fixed issues

There are no fixed issues in this release.

4.2 New features

New Family Educational Rights and Privacy Act (FERPA) guideline

Apply the new FERPA regulatory guideline to ensure your audited databases meet the requirements of this legislation. You can apply this guideline through the CLI or through the Import Audit Settings feature in the Console.

FERPA was introduced in 1974. This federal law mandates the confidentiality and protection of student information in any educational institution that receives funding from the Federal Government from kindergarten through the university level. FERPA generally prevents an education agency or institution from sharing student records or personally identifiable information in those records with individuals who are not authorized to view that information. In some cases authorized individuals need to be monitored to deter insider theft and unauthorized dissemination of information.

New Sarbanes Oxley (SOX) guideline

Apply the new SOX regulatory guideline to immediately enforce the right auditing settings for sensitive financial data. Collect a detailed audit trail of all access to that data and then deliver reports that prove your compliance to auditors. You can apply this guideline through the CLI or through the Import Audit Settings feature in the Console.

SOX, also known as the Corporate and Auditing Accountability and Responsibility Act, was first introduced in 2002. This legislation was put in place as a response to the corporate and accounting scandals which cost investors billions of dollars. From an information technology standpoint, security professionals and database administrators must collectively implement policies and processes that audit permissions on, and access to, financial data as well data changes such as before and after values.

New CLI actions register instances and apply audit settings

Use the new command line interface (CLI) actions to quickly and easily register large numbers of SQL Server instances and immediately apply audit settings to the hosted databases. You can choose to apply the default audit settings, custom audit settings you have exported from another audited instance, or a regulation guideline.

4.2 Fixed issues

• When the T-SQL query associated with an event cannot be parsed, SQL Compliance Manager now captures the SQL statement and indicates that it could not be parsed. This issue was mostly likely to occur when auditing sensitive column access.
• The Details tab of the Event Properties window now displays the SQL statement that is issued to SQL Server before SQL Server performs its query parameterization. This code represents the initial T-SQL query executed by the user.

4.0 New features

Offers HIPAA compliance guideline support

Collect data that helps you align with nine Health Insurance Portability Accountability Act (HIPAA) citations and one HITECH requirement via an out-of-the-box, customizable template.

Includes PCI compliance templates

Use the new, customizable auditing templates to help you comply with eight Payment Card Industry Data Security Standards (PCI DSS) requirement guidelines.

Provides Regulation Guideline reporting

The Regulation Guidelines report includes details for all of the guidelines applied to the databases on the selected SQL Server instance.

Features a new SQL Compliance Manager Configuration Wizard for ease of use

The new SQL Compliance Manager Configuration Wizard allows you to use a single wizard to register SQL Server instances, deploy the SQLcompliance Agent, add databases for audit, configure your audit settings for selected regulatory guidelines, and more.

4.0 Fixed issues

• SQL Compliance Manager now properly processes Grant statements.
• An issue causing SQL Compliance Manager to record Create and Drop Index events as Alter User Table events no longer occurs.
• SQL Compliance Manager now loads custom reports on the Archived Events page without requiring the user to select a filter.
• SQL Compliance Manager now honors the DML/SELECT filters if you enable both Select auditing and Sensitive Column Auditing.
• SQL Compliance Manager now properly applies event filters for instances using non-standard ports.

...

IDERA Website | Products | Buy | Support | Community | About Us | Resources | Legal