Versions Compared

Old Version 14

changes.mady.by.user Unknown User (6092af18a56f2f006f392eb0)

Saved on

compared with

New Version 15

changes.mady.by.user Unknown User (6092af18a56f2f006f392eb0)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

This build of IDERA SQL Compliance Manager includes many fixed issues, including the following updates.


Expand
title5.5.0 New features

Anchor
SQLCM-5042
SQLCM-5042
Includes updated and new regulation guidelines

IDERA SQL Compliance Manager 5.5 includes updates on PCI DSS and HIPAA regulation guidelines templates. It also includes new sets of regulation guidelines, allowing users to perform data audits according the corresponding security rules.

The new regulation guidelines are the following:

  • Defense Information Security Agency (DISA STIG)
  • North American Electric Reliability Corporation (NERC)
  • Center for Internet Security (CIS)
  • Sarbanes-Oxley Act (SOX)
  • Family Educational Rights and Privacy Act (FERPA)

For more information about this feature, see Comply with specific Regulations.

Auditing available via SQL Server Audit Logs

IDERA SQL Compliance Manager 5.5 includes the ability to track your alerts via SQL Server Audit Logs for Agents running on SQL Server 2017 or above. Users can now decide if they want to track events via Trace Files, Extended Events (SQL Server 2015 and above) or Audit Logs (SQL Server 2017 or above). This new feature is supported in both the Web console and the Windows Management Console.

For more information about this feature, see Using SQL Server Audit Logs.

Anchor
SQLCM-5044
SQLCM-5044
Includes a Row Count feature

IDERA SQL Compliance Manager 5.5 includes the row count feature which captures and reports on the frequency that users access Event types and SQL Statements, alerting database administrators about suspicious behavior.

Info

Anchor
SQLCM-5370
SQLCM-5370
As part of the row count functionality in SQL Compliance Manager 5.5 and above, we are now capturing Statement Completed instead of Statement Start.  In some cases, if a SQL statement is run but not executed (e.g. SET SHOWPLAN_XML), SQL Compliance Manager may pick up those events.

For more information about this feature, see Control data access - Row count.

Enable SQL Extended Events Auditing from the Windows Management Console

SQL Extended Events auditing can now be enabled from both the Web Console and the Windows Management Console.

For more information about this feature, see Using SQL Server Extended Events

Anchor
SQLCM-5043
SQLCM-5043
Supports SQL Server 2017

IDERA SQL Compliance Manager 5.5 now supports installation of the Database Repository for Collection Server, deployment of the SQL Compliance Manager Agent, and auditing events for SQL Server 2017.

For more information, see Software requirements

Anchor
SQLCM-5215
SQLCM-5215
Supports Windows Server 2016

The user can install IDERA SQL Compliance Manager 5.5 and deploy the SQL Compliance Manager Agent in Windows Server 2016. 

For more information, see Software requirements.  

Anchor
SQLCM-5044
SQLCM-5044
Allows users to create Sensitive Column data sets

IDERA SQL Compliance Manager 5.5 allows users to create Sensitive Column data sets that can be monitored as a group of sensitive information. Users can also add Sensitive Column data sets to any regulation guideline applied in servers or databases. 

For more information, see Sensitive Column window

Anchor
SQLCM-5105
SQLCM-5105
BAD Alerts

IDERA SQL Compliance Manager 5.5 allows users to add Host Name, Login, and Before-After data values to the alert message templates.

Agent Deployment method

IDERA SQL Compliance Manager 5.5 allows users to see the agent deployment method in the Registered SQL Servers window of the Administration view.

Anchor
SQLCM-4929
SQLCM-4929
Allows users to install or upgrade on a non default drive

IDERA SQL Compliance Manager 5.5 allows users to install and/or upgrade in a non default drive path. 

Expand
title5.5.0 Fixed issues

Administration issues

  • Anchor
    SQLCM-3759
    SQLCM-3759
    Audit thresholds appear enabled in the ReportCard even after removing and/or archiving an instance.     
  • Anchor
    SQLCM-4972
    SQLCM-4972
    SQL Compliance Manager 5.5 no longer fails to reach the Collection service on the active node after a successful failover in a clustered environment. 
  • Anchor
    SQLCM-5016/5017
    SQLCM-5016/5017
    Resolved the issue preventing SQL Scripts files with Supplementary Characters to work on the Collation SQL Server.  
  • Anchor
    SQLCM-3741
    SQLCM-3741
    Resolved the issue causing unexpected behavior during the manual upgrade of the SQL Compliance Manager Agent on a remote machine.
  • Anchor
    SQLCM-4674
    SQLCM-4674
    Resolved an issue causing overwritten permissions on the Agent Trace folder after deploying the SQL Compliance Manager Agent. 

Auditing issues

  • Anchor
    SQLCM-4952
    SQLCM-4952
    SQL Compliance Manager Agent no longer recreates stored procedures every second.
  • Anchor
    SQLCM-4947
    SQLCM-4947
    Resolved an issue in which SQL Compliance Manager was not showing Before-After data when enabling capture DML events using Extended Events. 
  • Anchor
    SQLCM-4574
    SQLCM-4574
    Resolved an issue causing DDL Events to display twice for the same event. 
  • Anchor
    SQLCM-4211
    SQLCM-4211
    Resolved an issue in which SQL Compliance Manager was not saving changes made in privileged users when applying regulation guidelines.
  • Anchor
    SQLCM-4680
    SQLCM-4680
    Resolved the issue preventing the user to capture SQL Statements for DDL and Security changes.
  • Anchor
    SQLCM-4947
    SQLCM-4947
    Resolved the issue preventing the capture of Before-After Data when using Extended Events auditing to capture DML events.

Reporting issues

  • Anchor
    SQLCM-4898
    SQLCM-4898
    Email notifications for Event Alerts now display the date and time in the Collection Server time zone. 

  • Anchor
    SQLCM-4645
    SQLCM-4645
    SQL Compliance Manager alerts users about the limit of SQL Statements when exporting reports. 

  • Anchor
    SQLCM-4850/4741
    SQLCM-4850/4741
    Resolved an issue preventing users to view and report on audit data or see events. 
Expand
title5.4.2 New features
Warning

IDERA SQL Compliance Manager 5.4 and later depend on certain Microsoft components that did not ship with SQL Server versions prior to SQL Server 2012 SP1. If you are installing SQL Compliance Manager's Collection Service on a Repository running on SQL Server 2012 or below, you must install these components manually. For more information about this process, see Important installation steps for SQLCM 5.4.x and above.

Supports TLS 1.2 with SQL CM 5.4.2

IDERA SQL Compliance Manager 5.4.2 includes support for Transport Layer Security (TLS) version 1.2. The TLS protocol provides encryption, authentication, and data privacy and integrity when transferring information over a network, including VPN, VOIP, and instant messaging.

Expand
title5.4.2 Fixed issues

Administration issues

  • Anchor
    SQLCM-4195
    SQLCM-4195
    Resolved an issue causing both Primary and Secondary nodes to list the AlwaysOn database as Secondary.
  • Anchor
    SQLCM-4924
    SQLCM-4924
    Resolved an issue preventing email from working for certain servers and types of events.

Auditing issues

  • Anchor
    SQLCM-2136
    SQLCM-2136
    Resolved an issue preventing audit of the Availabiity Group listener if a non-default port is used.
  • Anchor
    SQLCM-2216
    SQLCM-2216
    Database-level Privileged User Auditing settings are no longer overwritten by instance-level Privileged User Auditing settings.
  • Anchor
    SQLCM-3775/SQLCM-3648/SQLCM-4879
    SQLCM-3775/SQLCM-3648/SQLCM-4879
    Resolved the following integrity check issues:
    • users received an integrity check issue message although the scheduled integrity checks all passed
    • SQL Server startup events caused an integrity check failure
    • Integrity checks didn't match the Audit events in the SQLCM Repository
  • Anchor
    SQLCM-3789
    SQLCM-3789
    Resolved an issue causing the database name to return blank for Login Events in some places.
  • Anchor
    SQLCM-2529/SQLCM-4937
    SQLCM-2529/SQLCM-4937
    SELECT statements no longer appear as UPDATE statements.
  • Anchor
    SQLCM-3642
    SQLCM-3642
    Resolved an error that occurred when the eventId reached the max limit of Integer. The error was, "Cannot insert duplicate key row in object 'dbo.Events' with unique index 'IX_Events_eventId'.
  • Anchor
    SQLCM-4346/SQLCM-4621
    SQLCM-4346/SQLCM-4621
    No longer generates the Column Value Changed Data alert twice for Before-After auditing events.
    Anchor
    SQLCM-3775, SQLCM-3648, SQLCM-4879
    SQLCM-3775, SQLCM-3648, SQLCM-4879
  • Anchor
    SQLCM-4649
    SQLCM-4649
    Resolved an issue causing an error when updating a table that contains an image and the table name contains a hyphen.
  • Anchor
    SQLCM-4955
    SQLCM-4955
    The default Events view now displays data for a single day rather than 30 days.
  • Anchor
    SQLCM-4950
    SQLCM-4950
    Resolved an issue preventing the proper function of the Exporting/Importing Database DML Filter audit settings.

Archiving issues

  • Anchor
    SQLCM-2512/SQLCM-4919
    SQLCM-2512/SQLCM-4919
    During archiving, users no longer receive a "Violation of PRIMARY KEY" error during archiving.

Reporting issues

  • Anchor
    SQLCM-3788
    SQLCM-3788
    Resolved an issue that prevented users from running the DML Activity (Before-After) report.
Expand
title5.4.0 New features
Warning

IDERA SQL Compliance Manager 5.4 depends on certain Microsoft components that did not ship with SQL Server versions prior to SQL Server 2012 SP1. If you are installing SQL Compliance Manager's Collection Service on a Repository running on SQL Server 2012 or below, you must install these components manually. For more information about this process, see Important installation steps for SQLCM 5.4.x and above.

Improves archiving through the availability of SQL Server Extended Events

IDERA SQL Compliance Manager 5.4 includes support for event handling with SQL Server Extended Events. This optional feature is available for use in auditing instead of using SQL Trace. Running Extended Events offers a performance improvement over the default SQL Trace audit event gathering system and is available for instances running SQL Server 2012 and later. For more information about using the Extended Events option, see Using SQL Server Extended Events.

Includes new Sensitive Column Search

Included in this release is integration with a free tool from IDERA called SQL Column Search. Available from the IDERA SQL Compliance Manager Instance Details view, this feature allows you to search tables and columns on a targeted database to discover the location of sensitive data needing to be audited. For more information about using the Sensitive Column Search, see Sensitive Column Search window.

Offers SQL Compliance Manager Windows Console functionality in the Web Console

The following features previously available only through the IDERA SQL Compliance Manager Windows Console now are available in the Web Console as well:

Includes updated regulatory guideline templates

IDERA SQL Compliance Manager includes a number of regulatory guideline templates for customer use. IDERA SQL Compliance Manager 5.4 includes updates for these templates. For more information about this feature, see Comply with specific regulations.

Expand
title5.4.0 Fixed issues

Installation and upgrade issues

  • Anchor
    SQLCM-2163
    SQLCM-2163
    Enabled Capture Transaction Status for DML Activity no longer replaces SQL statement values with variables.
  • Anchor
    SQLCM-2171
    SQLCM-2171
    This release resolves an issue that prevented auditing when two tables has the same name but different schema
  • Anchor
    SQLCM-2174
    SQLCM-2174
    An error no longer occurs while updating the audit configuration file due to duplicate database IDs.
  • Anchor
    SQLCM-2175
    SQLCM-2175
    Improves Collection Server performance while processing trace files.
  • Anchor
    SQLCM-2351
    SQLCM-2351
    Corrects an issue preventing the Collection Trace directory from being created when the user chooses a non-default installation path.
  • Anchor
    SQLCM-3211
    SQLCM-3211
    IDERA SQL Compliance Manager 5.3 now supports SQL Compliance Manager Agent silent installation.
  • Anchor
    SQLCM-3332
    SQLCM-3332
    Resolves an issue causing heartbeat alerts for instances after they are archived.
  • Anchor
    SQLCM-3637
    SQLCM-3637
    Resolves an error that appeared when a user added privileged users while applying a custom Audit Collection Level.
  • Anchor
    SQLCM-3638
    SQLCM-3638
    Fixed an error causing the collection of non-audited database data when Capture SQL statements for DML and SELECT activity is enabled.
  • Anchor
    SQLCM-3639
    SQLCM-3639
    Before-After data now works during an update when auditing selected columns.
  • Anchor
    SQLCM-3640
    SQLCM-3640
    Non-AlwaysOn Availability Group databases can no longer be added to an AG server for auditing.
  • Anchor
    SQLCM-4496
    SQLCM-4496
    Resolves an issue causing an invalid object name error with 'sys.dm_os_window_info' for SQL Server 2005 agents.
Expand
title5.3.1 New features

Supports SQL Server 2016

IDERA SQL Compliance Manager 5.3.1 and later support audited and collection servers using Microsoft SQL Server 2016. For more information about supported platforms, see Software requirements.

Expand
title5.3.1 Fixed issues

There are no fixed issues in this release.

Expand
title5.3.0 New features

Expanded the SQL Compliance Manager Web console to provide a richer set of capabilities online

IDERA SQL Compliance Manager 5.3 continues to build on the work developed by prior versions to bring a richer set of capabilities to the web console. New web capabilities include:

  • an ability to set up notifications for auditing thresholds; allowing a user to set up a threshold and select the delivery method such as email, Windows event log, or SNMP traps.
  • additional views such as the Enhanced Audited Database, Enhanced Alert, and New Logs views.
  • the ability to export views to PDF, CSV, and XML formats.
  • additional new widgets that show different activities and audited SQL Server instances.

Integration with IDERA Dashboard 2.2

IDERA Dashboard integration began with SQL Compliance Manager 5.0, which centralizes the common administration, tasks, and views across all IDERA SQL products. This release of SQL Compliance Manager expands this integration by supporting IDERA Dashboard 2.2, which includes the following widgets specific to SQL Compliance Manager:

  • SQL Compliance Manager Audited Instances Widget. Displays a list of audited SQL Server instances.
  • SQL Compliance Manager Enterprise Activity Report Card. Displays your SQL Compliance Manager enterprise activity in a line graph.

For more information about using SQL Compliance Manager widgets within the IDERA Dashboard, see Use SQL Compliance Manager widgets in the IDERA Dashboard.

Limited Support for SQL Server 2016

IDERA supports installation of SQL Compliance Manager 5.3 on Microsoft SQL Server 2016 with limited technical support. Full technical support is available a short period after SQL Server 2016 is generally available.

Expand
title5.3.0 Fixed issues

General

  • Anchor
    DE19332, SQLCM-2522
    DE19332, SQLCM-2522
    Resolved an issue that did not properly update group permissions after modification and honored group settings over the individual user account in some situations.
  • Anchor
    DE43232, SQLCM-2352
    DE43232, SQLCM-2352
    Improved Permissions Check functionality to prevent false or inconsistent results.

Installation

  • Anchor
    US16650, SQLCM-540
    US16650, SQLCM-540
    Renamed the SQL Compliance Processing database from SQLCompliance.Processing to SQLComplianceProcessing.
  • Anchor
    DE43945, SQLCM-2333
    DE43945, SQLCM-2333
    Corrected an issue preventing the ... button from properly working in the Add SQL Compliance Manager Agent Service window on Windows 2012/2012 R2 installations.

Licensing

  • Anchor
    DE46199, SQLCM-2165
    DE46199, SQLCM-2165
    Resolved an issue causing users with AlwaysOn Availability Groups to receive a message that the maximum number of servers is reached while they actually had less than that limit.

Services

  • Anchor
    DE44606, DE44676, DE41432, SQLCM-2313, SQLCM-2448, SQLCM-2345, SQLCM-2322
    DE44606, DE44676, DE41432, SQLCM-2313, SQLCM-2448, SQLCM-2345, SQLCM-2322
    Improved the Collection Service performance to be able to process a substantially large number of trace files.

Auditing

  • Anchor
    DE43812, SQLCM-2344
    DE43812, SQLCM-2344
    SQL Compliance Manager now can log events that are accessed through a view.
  • Anchor
    DE44527, SQLCM-2316
    DE44527, SQLCM-2316
    Sensitive column traces no longer include events from databases not configured for sensitive column auditing.
  • Anchor
    DE44679, SQLCM-2312
    DE44679, SQLCM-2312
    Resolved an issue that prevented SQL Compliance Manager from discovering and auditing new users added to the list of Trusted Users / Privileged Users within a domain group without manually updating the audit settings.
  • Anchor
    DE46329, SQLCM-2162
    DE46329, SQLCM-2162
    Exported audit settings now include database level privileged users.
Expand
title5.0.0 New features

Fully supports the SQL Server AlwaysOn Availability Groups feature 

SQL Compliance Manager 5.0 now allows DBAs to monitor their availability groups, availability replicas, and availability databases through AlwaysOn Availability in SQL Server 2012 and newer. AlwaysOn automatically switches auditing from the primary to the secondary replica in the event of failure as well as failback to primary when it comes back online. This advantage prevents a loss of audit data trail in the event of failure.

Support for this feature also comes with:

  • An Availability Group Statistics report that allows you view the historical health of your availability groups, availability replicas, and availability databases.
  • An Availability Group Topology report that allows you to view the current topology of your availability groups configuration.
  • Monitoring of key metrics specific to the AlwaysOn Availability Groups feature.
  • Queue Size and Transfer Rates charts.

For additional information on SQL Compliance Manager and the AlwaysOn Availability Groups feature, see Enable automatic failover using AlwaysOn Availability Groups.

Offers a technology preview of a new web-based SQL Compliance Manager Dashboard

Along with the integration of the IDERA Dashboard, SQL Compliance Manager 5.0 includes a preview of a newly-designed web console that offers quick views of key audit trail activities on your SQL Servers from any web browser. Identify key compliance issues quickly and provide an easy access point to non-DBAs without giving them access to the entire Management Console.

Added integration with the IDERA Dashboard

SQL Compliance Manager 5.0 now integrates with the IDERA Dashboard, a common technology framework designed to support the IDERA product suite. Users are able to obtain an overview of the status of their SQL Servers and hosted databases all in a consolidated view and navigate to individual product dashboards for details. The IDERA Dashboard provides a central set of services for managing users, product registry, instance registry, aggregated alerts across IDERA applications, a central web server, and tags for grouping instances. For more information about the IDERA Dashboard, see Navigate the IDERA Dashboard web console.

Moved to the Windows .NET 4.0 framework

SQL Compliance Manager 5.0 supports Microsoft Windows operating systems using .NET 4.0. Note that .NET 4.0 or later must be installed on the audited server. For more information about requirements, see Software requirements.

Expand
title5.0.0 Fixed issues
  • Anchor
    SQLCM-2428
    SQLCM-2428
    Active Trace is now properly cleared when necessary.
  • Anchor
    SQLCM-2386
    SQLCM-2386
    A change to the SQL Compliance Manager login filter settings from minutes to seconds fixes an issue that allowed new user events such as failed login attempts to be missed in reports.
  • Anchor
    SQLCM-2348
    SQLCM-2348
    You can now view Reports in .CSV format.
  • Anchor
    SQLCM-3247
    SQLCM-3247
    SQL Compliance Manager 5.0 includes an update that clarifies alert email triggers when users to have two alert rules for Sensitive Columns.
  • SQL Compliance Manager no longer displays conflicting data by including a fix that forces the collection of object names while processing trace file records.
  • Anchor
    SQLCM-2401
    SQLCM-2401
    Regular user accounts are no longer able to capture SQL text used in admin activities without enabling additional options.
  • Anchor
    SQLCM-3090
    SQLCM-3090
    When you have multiple columns selected for a particular table in Before-After Data (BAD), SQL Compliance Manager no longer labels events that update other columns as BAD events.
  • Anchor
    SQLCM-2384
    SQLCM-2384
    SQL Compliance Manager now includes descriptions for ALTER ANY SCHEMA and ALTER ANY USER in the tracejob.cs file.
  • The permissions check process is updated in SQL Compliance Manager 5.0 to avoid any issues when performing a check.
  • Anchor
    SQLCM-2350
    SQLCM-2350
    Event types 158 and 258 now include expanded details that display when these types of events occur.
  • Anchor
    SQLCM-2446
    SQLCM-2446
    SQL Compliance Manager Integrity Check now properly tracks and reports on deleted rows.



Scroll pdf ignore

SQL Compliance Manager audits all activity on your server. Learn more > >

IDERA Website | Products Buy Support Community About Us | Resources Legal

Scroll Pagebreak