Page History

IDERA SQL Secure provides the following new features and fixed issues.

3.2 New features

...

IDERA SQL Secure 3.2 includes the following New Security Templates:

• Center for Internet Security (CIS) for SQL Server 2008 R2, 2014, and 2016.
  

• Defense Information Systems Agency (DISA) & National Institute of Standards and Technology (NIST) for SQL Server 2012 and 2014.
  

• Sarbanes-Oxley Act, Section 404 (SOX 404).
  
• North American Electric Reliability Corporation (NERC).

...

• Adds audit support for Amazon RDS and Amazon EC2.
• Supports installing SQL Secure on Azure VM and Amazon EC2.
• Adds new security checks to support GDPR and provide a GDPR policy template.
• Updates Idera Level 1 - 3 policy templates.
• Enhances the Import/Export Policy.
• Provides an option to make bulk changes to email notification settings.
• Allows users to archive snapshots for decommissioned servers.

3.2 Fixed issues

• Anchor
  SQLSECU-2309 SQLSECU-2309

  SQL Secure is no longer having issues with expired Licenses.

• Anchor
  SQLSECU-2269 SQLSECU-2269

  SQL Secure Grooming Job is no longer failing while classifying errors from warnings.

• Anchor
  SQLSECU-2244 SQLSECU-2244

  The Unauthorized Account Check security check is not returning findings on SQL Server 2008 R2, it works with SQL Server 2016 and above.

• Anchor
  SQLSECU-2223 SQLSECU-2223

  The explanation notes functionality is working for all security checks.

• Anchor
  SQLSECU-2151 SQLSECU-2151

  The uninstallation process completes removing all SQL Secure files.

• Anchor
  SQLSECU-2089 SQLSECU-2089

  SQL Secure reports show Snapshot missing data when all Sequence Objects are included in the filter.

• Anchor
  SQLSECU-2083 SQLSECU-2083

  The Snapshot Data Collection process for Windows Server 2016 is no longer showing incorrect warnings.

• Anchor
  SQLSECU-2074 SQLSECU-2074

  TracerX-Viewer.application no longer requires to upgrade the .NET version.

• Anchor
  SQLSECU-2064 SQLSECU-2064

  SQL Secure includes the option to add new servers to Server Group Tags.

• Anchor
  SQLSECU-2037 SQLSECU-2037

  The Risk Assessment Report includes the Show Risk Only option.

• Anchor
  SQLSECU-212 SQLSECU-212

  HIPAA policy now includes msdb database as default in the criteria.

• Anchor
  SQLSECU-2086 SQLSECU-2086

  SQL Secure installer includes the Visual C++ 2015 Redistributable.

...

On this release IDERA SQL Secure updates the following Security templates:

• Center for Internet Security (CIS) 2008 and 2012.

• Payment Card Industry Data Security Standard (PCI-DSS).

...

IDERA SQL Secure 3.2 adds the following configuration checks:

• Hidden Instance Option is Set

• Auto Close Set for Contained Databases

• Max Number of Concurrent Sessions

• Backups Must Be in Compliance with RTO and RPO Requirements

• Shutdown SQL Server on Trace Failure

• Ad Hoc Distributed Queries Enabled

...

IDERA SQL Secure 3.2 adds the following access checks:

• Asymmetric Key Size
• Database Master Key Encrypted by Service Master Key
• SQL Server Database Level Encryption
• Appropriate Cryptographic Modules Have Been Used to Encrypt Data
• Database Master Keys Encrypted by Password
• Symmetric Keys Not Encrypted with a Certificate
• Implement Cell Level Encryption
  

...

IDERA SQL Secure 3.2 adds the following auditing checks:

• SQL Server Audit is Configured for Logins
• DISA Audit Configuration

• Implement Change Data Capture

...

IDERA SQL Secure 3.2 adds the following login checks:

• SQL Logins Not Using Must Change

...

IDERA SQL Secure 3.2 adds the following permissions checks:

• Limit propagation of access rights

• Direct access permissions

...

IDERA SQL Secure 3.2 now supports the repository and a monitored server of SQL Server 2017 on Windows.

3.2 Fixed issues

• AnchorSQLSECU-720SQLSECU-720This version of SQL Secure improves the execution time of the Snapshot Comparison Report, making it able to display large dataset. AnchorSQLSECU-745SQLSECU-745Time out error is no longer displayed on the User Permissions Report when the report was running for 80+ databases. In addition, users can export the report to CSV format. AnchorSQLSECU-1503SQLSECU-1503Users now are able to filter for specific databases in Database Roles Report. AnchorSQLSECU-1177SQLSECU-1177Increased Excel Report Export capability to support reports with more than 65,000 rows of data.
  AnchorSQLSECU-750SQLSECU-750This release improves Risk Assessment performance, which now is able to process policies information. AnchorSQLSECU-1216SQLSECU-1216This release updates console installation to use existing repository. AnchorSQLSECU-1329SQLSECU-1329Users can configure STMP for SQL Secure mail server. AnchorSQLSECU-1501SQLSECU-1501Users can choose to monitor Always On Availability Group by registering the listener or individual nodes. Take into account there may be some gaps if you register using the listener. AnchorSQLSECU-1522SQLSECU-1522Under Security Report Card users are able to see Logins Information with Windows Accounts Details for the Suspect Logins Security Check. AnchorSQLSECU-2055SQLSECU-2055The Integration Services Running security check now is updated depending on the integration service status.
  AnchorSQLSECU-2053SQLSECU-2053The Details Reports for SQL Server 2000 show database roles and members, it was previously not available for this version. AnchorSQLSECU-1542SQLSECU-1542Updated SQL Secure version for the deployed report target folder for SSRS reports. AnchorSQLSECU-1765SQLSECU-1765Users need to restart the application to update the SQL Secure Repository Connection Status after adding a new license in the SQL Secure Manage License section. AnchorSQLSECU-2022SQLSECU-2022SQL Secure now supports international date time format. AnchorSQLSECU-2056SQLSECU-2056The Integration Services Login Account Not Acceptable Security Check is no longer showing incorrect data for azure databases.
  AnchorSQLSECU-2056SQLSECU-2056