SQLsecure analyses permissions data from SQL Server and Active Directory and the file system and registry to show who has access to which database objects and how access has been granted. It monitors changes made to access rights so that unapproved changes can be identified and fixed and evaluates key security settings within SQL serve, providing pro-active recommendations to improve server security.
New Features include:
- Idera-defined Policy Templates: check for common security vulnerabilities and combine industry standards into three distinct levels of security:
- Level1: Basic establishes an entry-level baseline for SQL Server databases where third-party applications do not interface with the web
- Level 2: Balanced (default) establishes a more secure baseline for production SQL Server databases that are configured to support external connectivity while protecting against intrusion tactics
- Level 3: Strong enables the most security checks for critical SQL Server databases that support web-based, B2B, B2C or external clients to prevent unauthorised disclosure and data tampering.
- Updated Security Templates:
- CIS: Centre for Internet Security to version 1.2.0 for SQL 2005
- DOD: Department of Defence Security Technical Implementation Guide updated to version 8.1.5 for SQL server 2005.
- New login, surface area, permission, configuration, access, audit, data integrity security checks
- Support for clustered repository
- Support for SQL Server 2008 R2
,li>Support for SQL Server 2008 (console, repository and management server).
- Define and baseline a security model against known standards
- Create policies using customisable policy templates
- Prepare for audits by documenting policies and adherence to controls
- Assess vulnerabilities across all SQL Servers
- Identify and track changes made to saved assessments, policies and snapshots.