IDERA SQL Secure provides the following new features and fixed issues.
3.
...
2 New features
...
...
New Security TemplatesIDERA SQL Secure 3.1.200 now allows you to reference snapshots of decommissioned instances. Previously, IDERA SQL Secure removed permissions data for a server when it is removed from auditing. The only way to save the permissions and snapshot information for that instance was to back up the repository before decommissioning.
...
IDERA SQL Secure 3.1.200 includes support for Transport Layer Security (TLS) version 1.2. The TLS protocol provides encryption, authentication, and data privacy and integrity when transferring information over a network, including VPN, VOIP, and instant messaging.
...
For internal tracking reasons, this release of IDERA SQL Secure includes an updated product versioning format from three to four parts. For example, the previous version of SQL Secure was version 3.1.0 (x.x.x) and this release is 3.1.200.x (x.x.x.x).
3.1.200 Fixed issues
...
2 includes the following New Security Templates:
Center for Internet Security (CIS) for SQL Server 2008 R2, 2014, and 2016.
Defense Information Systems Agency (DISA) & National Institute of Standards and Technology (NIST) for SQL Server 2012 and 2014.
- Sarbanes-Oxley Act, Section 404 (SOX 404).
- North American Electric Reliability Corporation (NERC).
Security Templates Updates
On this release IDERA SQL Secure updates the following Security templates:
Center for Internet Security (CIS) 2008 and 2012.
Payment Card Industry Data Security Standard (PCI-DSS).
New Configuration Checks
IDERA SQL Secure 3.2 adds the following configuration checks:
Hidden Instance Option is Set
Auto Close Set for Contained Databases
Max Number of Concurrent Sessions
Backups Must Be in Compliance with RTO and RPO Requirements
Shutdown SQL Server on Trace Failure
Ad Hoc Distributed Queries Enabled
New Access Checks
IDERA SQL Secure 3.2 adds the following access checks:
- Asymmetric Key Size
- Database Master Key Encrypted by Service Master Key
- SQL Server Database Level Encryption
- Appropriate Cryptographic Modules Have Been Used to Encrypt Data
- Database Master Keys Encrypted by Password
- Symmetric Keys Not Encrypted with a Certificate
- Implement Cell Level Encryption
New Auditing Checks
IDERA SQL Secure 3.2 adds the following auditing checks:
- SQL Server Audit is Configured for Logins
- DISA Audit Configuration
Implement Change Data Capture
New Login Checks
IDERA SQL Secure 3.2 adds the following login checks:
- SQL Logins Not Using Must Change
New Permissions Checks
IDERA SQL Secure 3.2 adds the following permissions checks:
Limit propagation of access rights
- Direct access permissions
Supports SQL Server 2017
IDERA SQL Secure 3.2 now supports the repository and a monitored server of SQL Server 2017 on Windows.
3.2 Fixed issues
- Snapshot Comparison Report execution time has been improved and is able to display for large dataset.
- User Permissions Report - This release addressed the time out error that were previously seen when the report was running for 80+ databases. In addition, user should be able to export the report to csv format.
- Risk Assessment has improved performance is able to process policies information.
- Report Export Capacity for Excel has been increased to support reports with more than 65,000 rows of data.
- Console installation has been updated to use existing repository.
- STMP can be configured for SQL Secure mail server.
- User can now choose to monitor Always On Availability Group by registering the listener or individual node. Note there may be some gaps if you register using the listener.
- Users can now filter for specific databases in Database Roles Report
- Under Security Report Card users are able to see Logins Information with Windows Accounts Details for the Suspect Logins Security Check
- Database roles and members are displayed in the Details Reports for SQL Server 2000, it was previously not available for this version.
- This release updates the SQL Secure version for the deployed report target folder for SSRS reports.
- Adding a new license in SQL Secure Manage License is not properly updated to reflect the SQL Secure Repository Connection Status without requiring a restart of the application.
- SQL Secure now supports international date time format.
- The Integration Services Running security check now is updated depending on the integration service status
...
3.1 New features
Supports auditing of Azure SQL Database and SQL Server running in Azure virtual machines
IDERA SQL Secure 3.1 offers Cloud-specific capabilities for Azure-hosted SQL Server databases, including:
- Azure SQL Database and SQL Server running on Azure Virtual Machines (VMs).
- Security audits on Azure SQL Database instances and Azure Active Directory.
- Connecting to fully-qualified domain names for Azure VMs and Azure SQL Database instances as registered servers.
Expands installation options
IDERA SQL Secure 3.1 includes expanded installation options to support hybrid cloud environments.
Expands Security Check coverage
This release expands Security Check coverage for data protection, encryption, and firewall rules for the SQL Server platform, including Always Encrypted and Transparent Data Encryption.
Moved to the Windows .NET 4.6 framework
IDERA SQL Secure 3.1 supports Microsoft Windows operating systems using .NET 4.6. For more information about requirements, see Product requirements.
3.1 Fixed issues
...