You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 3 Next »

This build of IDERA SQL Compliance Manager includes many fixed issues, including the following updates.

4.5 New features

Supports SQL Server 2014

SQL Compliance Manager supports the use of SQL Server 2014. Note that SQL Compliance Manager requires the repository of the SQL Server version to be greater than or equal to the highest audited version, meaning that if you want to audit SQL Server 2012 and 2014 instances, your repository must be on SQL Server 2014 to support the highest version on your instances.

Supports Windows Server 2012 cluster deployment

This version of SQL Compliance Manager allows you to install in a Windows Server 2012 clustered environment. For more information about this feature, see Deploy SQL Compliance Manager in a Windows Server 2012 clustered environment.

Audit the local SQL Server instance running the Collection Server on a cluster

SQL Compliance Manager allows you to audit a virtual SQL Server instance including the local instance on a cluster running the Collection Server. For more information about auditing a virtual SQL Server instance, see Audit a virtual SQL Server instance.

Schedule automatic archives

SQL Compliance Manager now allows you to schedule automatic archiving. You can select from daily, weekly, or monthly options. This feature is disabled by default. You can enable this feature and manage these settings in the Archive Preferences window.

Specify archive database drive

When setting up archiving, you can specify the drive where you want SQL Compliance Manager to store the archive database. You can manage this location in the Archive Preferences window.

Receive alerts through SNMP

Users now can select to receive alerts as SNMP Trap messages to a specified destination network management console. For more information about creating a new event rule to includes SNMP Traps, see New Event Alert Rule wizard - Alert Actions tab.

Before-After data values display NULL when there is no value

After collecting data, if there is no before or after data available, SQL Compliance Manager displays "NULL" in the Before Value and After Value columns of the Event Properties window. For more information about Before-After data, see Audited Database Properties window - Before-After Data tab.

Supports PCI DSS v3

SQL Compliance Manager now supports Payment Card Industry Data Security Standard (PCI DSS) v3.0.

Improved table compression

The data type is changed in a number of highly-utilized tables from NTEXT to VARCHAR in an attempt to improve data compression.

Improved installation process

The SQL Compliance Manager installer now checks the permissions on the trace directory and the IDERA folders to ensure that the service account is appropriately added with full control permissions for processing.

Improved database usage regarding failed inserts

SQL Compliance Manager includes new code that allows it to reuse event IDs in the event of a failed data insert.

4.5 Fixed issues

  • SQL Compliance Manager includes new code regarding the threading library, making sure that all files in the trace directory are successfully processed. This fixes an issue that caused large trace file backlogs in the Collection Server.
  • The Administrative Activities Audit Option no longer re-enables automatically after disabled.
  • Users no longer receive an error when processing the trace file due to a limited column size in the table associated with Before-After Data.
  • Users upgrading from SQL Compliance Manager 3.7 to 4.3 no longer receive numerous file parsing errors.
  • This release fixes an issue causing incorrect dates to appear if you have SELECT and Sensitive Columns enabled in the Audited Database Properties window. Previously, if the Database SELECT operations check box on the Audited Activities tab, and the Sensitive Columns tab includes All Columns of the dbo.Customers table, the dates in the summary for the associated SQL Server instance were incorrect.
  • An issue that prevented new SQL Compliance Manager Agent files from processing after adding a second node to a clustered repository no longer occurs.
  • All failed integrity checks now includes specific events in the Details area of the Integrity Check Results window.
  • Users no longer experience missing registry keys after re-adding monitored SQL Server instances.
  • Adding an audited database to a monitored SQL Server instance no longer returns the server settings to default.
  • Providing read-only access to the SQLcompliance database no longer requires that the GUEST account be enabled.

4.3 New features

SQL Compliance Manager 4.3 now offers a Collection Server-only install

SQL Compliance Manager 4.3 now allows you to install the Collection Server and Repository only to support installing SQL Compliance Manager on a cluster.

4.3 Fixed issues

There are no fixed issues in this release.

4.2 New features

New Family Educational Rights and Privacy Act (FERPA) guideline

Apply the new FERPA regulatory guideline to ensure your audited databases meet the requirements of this legislation. You can apply this guideline through the CLI or through the Import Audit Settings feature in the Console.

FERPA was introduced in 1974. This federal law mandates the confidentiality and protection of student information in any educational institution that receives funding from the Federal Government from kindergarten through the university level. FERPA generally prevents an education agency or institution from sharing student records or personally identifiable information in those records with individuals who are not authorized to view that information. In some cases authorized individuals need to be monitored to deter insider theft and unauthorized dissemination of information.

New Sarbanes Oxley (SOX) guideline

Apply the new SOX regulatory guideline to immediately enforce the right auditing settings for sensitive financial data. Collect a detailed audit trail of all access to that data and then deliver reports that prove your compliance to auditors. You can apply this guideline through the CLI or through the Import Audit Settings feature in the Console.

SOX, also known as the Corporate and Auditing Accountability and Responsibility Act, was first introduced in 2002. This legislation was put in place as a response to the corporate and accounting scandals which cost investors billions of dollars. From an information technology standpoint, security professionals and database administrators must collectively implement policies and processes that audit permissions on, and access to, financial data as well data changes such as before and after values.

New CLI actions register instances and apply audit settings

Use the new command line interface (CLI) actions to quickly and easily register large numbers of SQL Server instances and immediately apply audit settings to the hosted databases. You can choose to apply the default audit settings, custom audit settings you have exported from another audited instance, or a regulation guideline.

4.2 Fixed issues

  • When the T-SQL query associated with an event cannot be parsed, SQL Compliance Manager now captures the SQL statement and indicates that it could not be parsed. This issue was mostly likely to occur when auditing sensitive column access.
  • The Details tab of the Event Properties window now displays the SQL statement that is issued to SQL Server before SQL Server performs its query parameterization. This code represents the initial T-SQL query executed by the user.

4.0 New features

Offers HIPAA compliance guideline support

Collect data that helps you align with nine Health Insurance Portability Accountability Act (HIPAA) citations and one HITECH requirement via an out-of-the-box, customizable template.

Includes PCI compliance templates

Use the new, customizable auditing templates to help you comply with eight Payment Card Industry Data Security Standards (PCI DSS) requirement guidelines.

Provides Regulation Guideline reporting

The Regulation Guidelines report includes details for all of the guidelines applied to the databases on the selected SQL Server instance.

Features a new SQL Compliance Manager Configuration Wizard for ease of use

The new SQL Compliance Manager Configuration Wizard allows you to use a single wizard to register SQL Server instances, deploy the SQLcompliance Agent, add databases for audit, configure your audit settings for selected regulatory guidelines, and more.

4.0 Fixed issues

  • SQL Compliance Manager now properly processes Grant statements.
  • An issue causing SQL Compliance Manager to record Create and Drop Index events as Alter User Table events no longer occurs.
  • SQL Compliance Manager now loads custom reports on the Archived Events page without requiring the user to select a filter.
  • SQL Compliance Manager now honors the DML/SELECT filters if you enable both Select auditing and Sensitive Column Auditing.
  • SQL Compliance Manager now properly applies event filters for instances using non-standard ports.

3.7 New features

SQL Server 2012 compatible with experimental support

SQL Compliance Manager 3.7 is SQL Server 2012 RTM compatible. This version of SQL Compliance Manager is not certified against newer builds of SQL Server and should not be used with these builds in a production environment. IDERA provides experimental support while you use your installation in a testing environment to ensure the features you rely on most are working as, or better than, expected.

3.7 Fixed issues

There are no fixed issues in this release.

3.6 New features

New sensitive column alerting

You can now receive alert notifications when someone accesses a sensitive column in your audited databases.

Improved integrity check user interface

The Integrity Check Results window now indicates when before-after data associated with DML events and sensitive column access data associated with SELECT events have been modified or deleted.

3.6 Fixed issues

The following reports now include the option to view related data from all audited SQL Server instances in your environment:

  • Database Schema Change History
  • Object Activity
  • User Login History

3.5 New features

Sensitive column auditing

Track who has "selected" data from any number of columns in your audited tables and proactively identify malicious intent.

Transaction status auditing

Audit the status of any transaction that executes DML activity on your audited database. This audit data enhancement includes rollbacks and save points, allowing you to recognize suspicious activity.

3.5 Fixed issues

The Management Console now correctly imports alert rules exported from version 3.3 or earlier.

3.3 Fixed issues

  • SQL Compliance Manager now supports auditing SQL Server instances located in environments that require FIPS compliance.
  • The Collection Server now no longer performs duplicate processing of events collected in high-traffic environments. When this issue occurred, SQL Compliance Manager would write error and warning messages to the application event log, stating that it was either unable to read a trace file due to insufficient privileges or unable to delete the trace file due to a SQL Server lock.
  • You can now successfully audit before-after data for DML events that occur on SQL Server databases hosted by a Windows Server Cluster.
  • The DML/SELECT Filters tab of the Audited Database Properties window now allows you to successfully enable before-after auditing for DML events on specific database tables.

3.2 Hotfix 1 Fixed issues

  • The SQLcompliance Agent now correctly handles a fail over that occurs on an active-active Windows cluster.
  • When storing DML events collected for Before-After auditing, event processing now correctly stores each event only one time for statements that insert more than 1000 rows.

3.2 Fixed issues

  • The SQLcompliance Agent now refreshes its list of DBID (database identifier) properties at each heartbeat. This fix ensures that SQL Compliance Manager can continue collecting audit data for a database after its ID number changes. For example, database ID numbers can change when a database is dropped, backed up, re-attached, or restored.
  • The groom job now correctly deletes all events older than the specified age.
  • The groom job now correctly identifies the SQL Server version, ensuring it grooms before and after data generated by DML events in SQL Server 2005 or later only. The ability to collect before and after data is not supported on SQL Server 2000 instances. 
  • Event Filters now support blank, empty, or null values when specifying application and host names.

3.1 Hotfix 1 Fixed issues

  • When attempting to audit DML activity on specific databases, the SQLcompliance Agent would sometimes fail to collect the DML events according to your audit settings. With this hotfix, the SQLcompliance Agent correctly audits the specified databases for DML activity.
  • After enabling the ability to audit Before-After data on database tables, SQL Compliance Manager would require accounts to have administrator privileges to the tables created by SQL Compliance Manager in order to modify data in the audited table, potentially preventing third-party applications and other accounts from writing to these tables. This hotfix allows SQL Server logins to read and write to the audited tables per the assigned privileges.
  • When attempting to groom audit data from a SQL Compliance Manager Repository hosted on a SQL Server 2000 instance, the grooming process would fail, returning the error “incorrect syntax near the keyword 'TOP'”. With this hotfix, you can successfully groom the Repository.
  • When you attempt to update the archive database indexes using the command-line interface or the Management Console, the update process would fail. With this hotfix, you can successfully update all archive databases to the new Repository schema.
  • The Management Console did not correctly format statistics with large values, resulting in an incorrect Processed Events statistic on the Explore Activity views. This hotfix resolves these formatting issues.

 

SQL Compliance Manager audits all activity on your server. Learn more > >
  • No labels