This build of IDERA SQL Compliance Manager includes many fixed issues, including the following updates.
5.5.0 New features
Includes updated and new regulation guidelines
IDERA SQL Compliance Manager 5.5 includes updates on PCI DSS and HIPAA regulation guidelines templates. It also includes new sets of regulation guidelines, allowing users to perform data audits according the corresponding security rules.
The new regulation guidelines are the following:
- Defense Information Security Agency (DISA STIG)
- North American Electric Reliability Corporation (NERC)
- Center for Internet Security (CIS)
- Sarbanes-Oxley Act (SOX)
- Family Educational Rights and Privacy Act (FERPA)
For more information about this feature, see Comply with specific Regulations.
Auditing available via SQL Server Audit Logs
IDERA SQL Compliance Manager 5.5 includes the ability to track your alerts via SQL Server Audit Logs for Agents running on SQL Server 2017 or above. Users can now decide if they want to track events via Trace Files, Extended Events (SQL Server 2015 and above) or Audit Logs (SQL Server 2017 or above). This new feature is supported in both the Web console and the Windows Management Console.
For more information about this feature, see Using SQL Server Audit Logs.
Includes a Row Count feature
IDERA SQL Compliance Manager 5.5 includes the row count feature which captures and reports on the frequency that users access Event types and SQL Statements, alerting database administrators about suspicious behavior.
Info |
---|
As part of the row count functionality in SQL Compliance Manager 5.5 and above, we are now capturing Statement Completed instead of Statement Start. In some cases, if a SQL statement is run but not executed (e.g. SET SHOWPLAN_XML), SQL Compliance Manager may pick up those events. |
For more information about this feature, see Control data access - Row count.
Enable SQL Extended Events Auditing from the Windows Management Console
SQL Extended Events auditing can now be enabled from both the Web Console and the Windows Management Console.
For more information about this feature, see Using SQL Server Extended Events.
Supports SQL Server 2017
IDERA SQL Compliance Manager 5.5 now supports installation of the Database Repository for Collection Server, deployment of the SQL Compliance Manager Agent, and auditing events for SQL Server 2017.
For more information, see Software requirements.
Supports Windows Server 2016
The user can install IDERA SQL Compliance Manager 5.5 and deploy the SQL Compliance Manager Agent in Windows Server 2016.
For more information, see Software requirements.
Allows users to create Sensitive Column data sets
IDERA SQL Compliance Manager 5.5 allows users to create Sensitive Column data sets that can be monitored as a group of sensitive information. Users can also add Sensitive Column data sets to any regulation guideline applied in servers or databases.
For more information, see Sensitive Column window.
BAD Alerts
IDERA SQL Compliance Manager 5.5 allows users to add Host Name, Login, and Before-After data values to the alert message templates.
Agent Deployment method
IDERA SQL Compliance Manager 5.5 allows users to see the agent deployment method in the Registered SQL Servers window of the Administration view.
Allows users to install or upgrade on a non default driveIDERA SQL Compliance Manager 5.5 allows users to install and/or upgrade in a non default drive path.
5.5.0 Fixed issues
Administration issues
- Audit thresholds appear enabled in the ReportCard even after removing and/or archiving an instance.
- SQL Compliance Manager 5.5 no longer fails to reach the Collection service on the active node after a successful failover in a clustered environment.
Anchor |
---|
| SQLCM-5016/5017 |
---|
| SQLCM-5016/5017 |
---|
|
Resolved the issue preventing SQL Scripts files with Supplementary Characters to work on the Collation SQL Server. - Resolved the issue causing unexpected behavior during the manual upgrade of the SQL Compliance Manager Agent on a remote machine.
- Resolved an issue causing overwritten permissions on the Agent Trace folder after deploying the SQL Compliance Manager Agent.
Auditing issues
- SQL Compliance Manager Agent no longer recreates stored procedures every second.
- Resolved an issue in which SQL Compliance Manager was not showing Before-After data when enabling capture DML events using Extended Events.
- Resolved an issue causing DDL Events to display twice for the same event.
- Resolved an issue in which SQL Compliance Manager was not saving changes made in privileged users when applying regulation guidelines.
- Resolved the issue preventing the user to capture SQL Statements for DDL and Security changes.
- Resolved the issue preventing the capture of Before-After Data when using Extended Events auditing to capture DML events.
Reporting issues
- Email notifications for Event Alerts now display the date and time in the Collection Server time zone.
- SQL Compliance Manager alerts users about the limit of SQL Statements when exporting reports.
Anchor |
---|
| SQLCM-4850/4741 |
---|
| SQLCM-4850/4741 |
---|
|
Resolved an issue preventing users to view and report on audit data or see events.
5.4.2 New features
Warning |
---|
IDERA SQL Compliance Manager 5.4 and later depend on certain Microsoft components that did not ship with SQL Server versions prior to SQL Server 2012 SP1. If you are installing SQL Compliance Manager's Collection Service on a Repository running on SQL Server 2012 or below, you must install these components manually. For more information about this process, see Important installation steps for SQLCM 5.4.x and above. |
...
IDERA SQL Compliance Manager 5.4.2 includes support for Transport Layer Security (TLS) version 1.2. The TLS protocol provides encryption, authentication, and data privacy and integrity when transferring information over a network, including VPN, VOIP, and instant messaging.
5.4.2 Fixed issues
Administration issues
- Resolved an issue causing both Primary and Secondary nodes to list the AlwaysOn database as Secondary.
- Resolved an issue preventing email from working for certain servers and types of events.
Auditing issues
- Resolved an issue preventing audit of the Availabiity Group listener if a non-default port is used.
- Database-level Privileged User Auditing settings are no longer overwritten by instance-level Privileged User Auditing settings.
Anchor |
---|
| SQLCM-3775, /SQLCM-3648, /SQLCM-4879 |
---|
| SQLCM-3775, /SQLCM-3648, /SQLCM-4879 |
---|
|
Resolved the following integrity check issues:- users received an integrity check issue message although the scheduled integrity checks all passed
- SQL Server startup events caused an integrity check failure
- Integrity checks didn't match the Audit events in the SQLCM Repository
- Resolved an issue causing the database name to return blank for Login Events in some places.
Anchor |
---|
| SQLCM-2529, /SQLCM-4937 |
---|
| SQLCM-2529, /SQLCM-4937 |
---|
|
SELECT statements no longer appear as UPDATE statements.- Resolved an error that occurred when the eventId reached the max limit of Integer. The error was, "Cannot insert duplicate key row in object 'dbo.Events' with unique index 'IX_Events_eventId'.
Anchor |
---|
| SQLCM-4346, /SQLCM-4621 |
---|
| SQLCM-4346, /SQLCM-4621 |
---|
|
No longer generates the Column Value Changed Data alert twice for Before-After auditing events. Anchor |
---|
| SQLCM-3775, SQLCM-3648, SQLCM-4879 |
---|
| SQLCM-3775, SQLCM-3648, SQLCM-4879 |
---|
|
- Resolved an issue causing an error when updating a table that contains an image and the table name contains a hyphen.
- The default Events view now displays data for a single day rather than 30 days.
- Resolved an issue preventing the proper function of the Exporting/Importing Database DML Filter audit settings.
Archiving issues
Anchor |
---|
| SQLCM-2512, /SQLCM-4919 |
---|
| SQLCM-2512, /SQLCM-4919 |
---|
|
During archiving, users no longer receive a "Violation of PRIMARY KEY" error during archiving.
Reporting issues
- Resolved an issue that prevented users from running the DML Activity (Before-After) report.
5.4.0 New features
Warning |
---|
IDERA SQL Compliance Manager 5.4 depends on certain Microsoft components that did not ship with SQL Server versions prior to SQL Server 2012 SP1. If you are installing SQL Compliance Manager's Collection Service on a Repository running on SQL Server 2012 or below, you must install these components manually. For more information about this process, see Important installation steps for SQLCM 5.4.x and above. |
Improves archiving through the availability of SQL Server Extended Events
...
IDERA SQL Compliance Manager 5.3.1 and later support audited and collection servers using Microsoft SQL Server 2016. For more information about supported platforms, see see Software requirements.
5.3.1 Fixed issues
...
For more information about using SQL Compliance Manager widgets within the IDERA Dashboard, see see Use SQL Compliance Manager widgets in the IDERA Dashboard.
...
Anchor |
---|
| US16650, SQLCM-540 |
---|
| US16650, SQLCM-540 |
---|
|
Renamed the SQL Compliance Processing database from from SQLCompliance.Processing
to to SQLComplianceProcessing
. Anchor |
---|
| DE43945, SQLCM-2333 |
---|
| DE43945, SQLCM-2333 |
---|
|
Corrected an issue preventing the the ... button button from properly working in the Add SQL Compliance Manager Agent Service window on Windows 2012/2012 R2 installations.
...
Fully supports the SQL Server AlwaysOn Availability Groups feature
SQL Compliance Manager 5.0 now allows DBAs to monitor their availability groups, availability replicas, and availability databases through AlwaysOn Availability in SQL Server 2012 and newer. AlwaysOn automatically switches auditing from the primary to the secondary replica in the event of failure as well as failback to primary when it comes back online. This advantage prevents a loss of audit data trail in the event of failure.
...
For additional information on SQL Compliance Manager and the AlwaysOn Availability Groups feature, see see Enable automatic failover using AlwaysOn Availability Groups.
...
SQL Compliance Manager 5.0 now integrates with the IDERA Dashboard, a common technology framework designed to support the IDERA product suite. Users are able to obtain an overview of the status of their SQL Servers and hosted databases all in a consolidated view and navigate to individual product dashboards for details. The IDERA Dashboard provides a central set of services for managing users, product registry, instance registry, aggregated alerts across IDERA applications, a central web server, and tags for grouping instances. For more information about the IDERA Dashboard, see see Navigate the IDERA Dashboard web console.
...
SQL Compliance Manager 5.0 supports Microsoft Windows operating systems using .NET 4.0. Note that .NET 4.0 or later must be installed on the audited server. For more information about requirements, see see Software requirements.
5.0 Fixed issues
- Active Trace is now properly cleared when necessary.
- A change to the SQL Compliance Manager login filter settings from minutes to seconds fixes an issue that allowed new user events such as failed login attempts to be missed in reports.
- Reports now are viewable You can now view Reports in .CSV format.
- SQL Compliance Manager 5.0 includes an update that clarifies alert email triggers when users to have two alert rules for Sensitive Columns.
- SQL Compliance Manager no longer displays conflicting data by including a fix that forces the collection of object names while processing trace file records.
- Normal user accounts are no longer able to capture SQL text used in admin activities without enabling additional options.
- When you have multiple columns selected for a particular table in Before-After Data (BAD), SQL Compliance Manager no longer labels events that update other columns as BAD events.
- SQL Compliance Manager now includes descriptions for ALTER ANY SCHEMA and ALTER ANY USER in the tracejob.cs file.
- The permissions check process is updated in SQL Compliance Manager 5.0 to avoid any issues when performing a check.
- Event types 158 and 258 now include expanded details that display when these types of events occur.
- SQL Compliance Manager Integrity Check now properly tracks and reports on deleted rows.
...