Use Cases

DBAs have a heavy load when it comes to ensuring that their SQL Server environment complies with industry regulations such as CIS, DISA STIG, GDPR, HIPAA, NERC, NIST, PCI DSS, and SOX. Without a tool to automate the auditing and reporting, DBAs may spend days or weeks gathering and consolidating the required information.

In this era of data breaches, protecting corporate data from unauthorized access is a high priority. SQL Server DBAs need to ensure that permissions are limited to the right levels for users and groups, and that minimum access is enforced. If any inappropriate access is attempted, the DBA needs to be promptly notified of a potential risk.

It’s also important to ensure that permissions lists are updated regularly, particularly when people leave the organization. DBAs need to show proof that former employees or contractors no longer have access to corporate data, especially anything sensitive or mission critical. Keeping track of changes to database objects, permissions, logins, and group members is difficult when new databases and users are added.

  • Identify vulnerabilities in your SQL Server and Azure environments
  • Harden security policies across SQL Server and Azure SQL databases
  • Rank security levels with the security report card
  • Analyze and report on user permissions across database objects
  • Comply with audits using customizable regulatory guideline templates
Identify Vulnerabilities

Understand who has access to what and identify each user’s effective rights across all SQL Servers (on premises, private cloud, Amazon EC2 or Azure VM), Amazon RDS for SQL Server, and Azure SQL Database objects.

Set Strong Security Policies

View a complete history of SQL Server security set­tings and designate a baseline to compare against future changes, providing a valuable audit trail for forensic analysis.

Prevent Security Violations

SQL Secure provides an IDERA-defined Level 2 security check for balanced intrusion protection that leverages MSBPA and CIS guidelines, and more. The security report card identifies top security vulnerabilities on your databases and servers. Each security check is categorized as High, Medium, or Low Risk. You can drill into each security check to get more detail.

Analyze User Permissions

Analyze membership to powerful server roles and groups such as administrators, systems administrators, and security administrators to ensure the level of access is warranted. From a group, see the list of group members and select a member for further analysis. From a user, see the group memberships and drill upwards to view inherited permissions.

Security Templates

Choose from templates for CIS, DISA STIG, GDPR, HIPAA, NERC, NIST, PCI DSS, and SOX.

Defragment Efficiently

  • Simplify the identification of fragmentation hot spots of that reduce the performance of SQL Server by automatically analyzing key indicators.
  • Efficiently manage and track the defragmentation of many SQL Servers, databases, tables, and indexes across the environment by using the central management console that provides a single pane of glass to manage settings, monitor activity, and report results.
  • Quickly find the worst fragmented indexes by viewing the color-coded enterprise dashboard with lists that can be sorted to highlight the SQL Servers, databases, tables, and indexes across the environment that are most impacted by fragmentation.
  • Minimize the time spent on defragmentation by installing and configuring SQL Defrag Manager quickly for the entire environment, and minimize the learning curve by using the intuitive graphical user interface.

Automate Defragmentation

  • Efficiently manage the improvement of the performance of SQL Server via defragmentation by automating the processes of pinpointing fragmentation and subsequent defragmenting.
  • Reduce the time that is required to manage the maintenance on indexes by applying automation policies for defragmentation to multiple SQL Servers, databases, tables, and indexes across the environment simultaneously.

Minimize System Impact

  • Reduce the time required to manage many defragmentation jobs for many SQL Servers across the environment by specifying the conditions for when each job is started and stopped.
  • Minimize the impact of defragmentation jobs by scheduling the jobs at optimal times (such as off-peak hours and maintenance windows) and based on the size of the indexes.
  • Avoid database contention during defragmentation jobs by checking critical indicators for the utilization of system resources before starting the jobs.

Optimize Defragmentation

  • Improve the performance of SQL Server and reduce the frequency of defragmentation by reducing the splitting and shifting of pages by configuring the settings for the fill factor for index pages.
  • Manage evolving SQL Server environments for defragmentation by automatically adding and removing databases, tables, and indexes from policies on a daily basis.
  • Fully understand which defragmentation jobs finished successfully and which jobs were terminated prematurely by receiving email notifications for completions and exceptions.

Report on Improvements

  • Share with management and peers the attained improvements in the performance of SQL Server due to defragmentation by generating reports that highlight the worst fragmented objects (that is, SQL Servers, databases, tables, and indexes), reclaimed resources, and other essential information.
  • Report on the achieved cost savings from defragmentation by tracking the improvements via reclaimed resources for each SQL Server, database, table, and index across the environment per day and per year.

Security Analysis

Effective Rights Analysis

Analysis of users’ effective rights shows you how and where each right is granted, making it easy to pinpoint exactly what changes need to be made in order to close security holes.

Database Roles Permissions

View SQL Server, Amazon RDS for SQL Server, and Azure SQL database role members and sub-roles assigned and their effective permissions.

Server Object Settings

Browse and analyze all files, directories and registry settings associated with SQL Server and determine ownership as well as explicit and inherited security rights.

Weak Password Detection

Analyzes password health of SQL Server logins and reports on when passwords are weak or blank which would cause a susceptible to intrusion situation.

Surface Area And Protocols

Identifies services, ports, protocols and APIs that may allow SQL Server, Amazon RDS for SQL Server, or Azure SQL databases to be attacked by a malicious user. Enables you to understand and standardize which services you really need started or activated in your environment in order to reduce risk.

OS Security Analysis

Assess the OS setup to identify issues that would compromise SQL Server security.

Powerful User Analysis

Analyze membership to powerful server roles and groups such as administrators, system administrators and security administrators so you can ensure this level of access is warranted.

Detection of Unresolved Windows Accounts

View all logins on the target server, as well as any unresolved Windows accounts or groups.

Server Security Properties

Show all security related properties for servers including: version and patch level, authentication mode, audit mode, proxy account, and cross database chaining.

Self-Auditing

SQL Secure can monitor all activity related to SQL Secure administration.

Security Reporting

Pre-defined Policy Templates

Combines the most well-known industry standards into 3 distinct levels (Basic, Balanced, Strong) that define realistic guidelines for protecting SQL Server from the most common intrusion attacks.

Reporting Services

Shows details of services such as log-on and configuration.

Security Scorecard

Lists potential security concerns on your SQL Servers such as cross-database chaining and allows you to drilldown to view the full details of the diagrammed relationships.

History and Baselining

The SQL Secure repository keeps a complete history of SQL Server security settings, providing the ability to designate a baseline to compare against future snapshots to detect changes. This also provides a valuable audit trail for forensic analysis and compliance reports.

Powerful Reporting

Built-in standard reports provide detailed information for security auditing and compliance purposes. Produce custom reports detailing the specific information required for SLAs or perform custom analysis via the data stored on the SQL Secure repository. Data can be extracted and imported to Excel.

Risk Assessment

Security audit rules provide visibility for database access checks, configuration checks and permission checks.

Security Checks

Additional checks for data protection, encryption, and firewall rules for the SQL Server, Amazon RDS for SQL Server, and Azure SQL database platforms increase security audit coverage.

Cross-server Reporting</h35
Shows security state from a global view (e.g. all instances with guest accounts enabled).

Enterprise Management

Central Console

Provides an easy-to-use single point of control to manage the creation of collection rules and policies, view risks and assessments, monitor collection history, analyze user access rights and much more.

Integrated Cloud Support

Cloud-specific capabilities:

  • DBaaS: Azure-hosted and Amazon-hosted SQL Server databases, including Azure SQL Database and Amazon RDS for SQL Server
  • IaaS: SQL Server running on Azure Virtual Machines (VMs) and Amazon EC2
Cloud Connectivity

Connect to fully qualified domain names (instead of static IP addresses) for Azure VMs, Azure SQL Database instances, Amazon RDS, and Amazon EC2 as registered servers.

Configurable Data Collection

Define exactly what SQL Server security information you want to gather and when. Gathers from SQL Server on physical, virtual, or cloud hosts, Azure SQL Database, Amazon RDS for SQL Server, OS, File System, Registry, Active Directory (AD), Azure AD, and Amazon AD.

Central Repository

All security data collected by SQL Secure is stored in a central repository for easy reporting and forensic analysis.

Flexible Views

Use the flexible grid view to audit and analyze user permissions. Sort, group, or export all SQL Server logins in your enterprise. View all users’ assigned and effective rights and permissions at the server, database and object level.

Automated Server Registration

CSV import process provides improved support for large SQL Server environments with significant gains in time to value.

Server Group Tagging

Enables DBA teams to assign servers to groups, then view and manage security policies according to group designations.

System Requirements

Management Console
  • Windows 7 SP1+, Windows 8, Windows 10, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, Windows Server 2016
  • Microsoft .NET 4.5 SP1 or later
  • MDAC 2.8 or later
Collection Server & Data Repository
  • OS: Windows 7 SP1+, Windows 8, Windows 10, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, Windows Server 2016
  • Database: SQL Server 2008 R2, SQL Server 2012, SQL Server 2014, SQL Server 2016, SQL Server 2017 (Windows)
Microsoft SQL Server for Audited Instances
  • SQL Server 2000, SQL Server 2005, SQL Server 2008 SP1, SQL Server 2008 R2, SQL Server 2012 SP1, SQL Server 2014, SQL Server 2016, SQL Server 2017 (Windows), SQL Instances running in Azure VM and Amazon EC2, Azure SQL Database, Amazon RDS for SQL Server

SQL Secure does not install any components, DLLs, scripts, stored procedures or tables on the SQL Server instances being monitored.

Cloud
  • Runs on cloud virtual machines (such as Microsoft Azure VM and AWS EC2) with Microsoft Windows
  • Monitors and audits Azure SQL Database and Microsoft SQL Server instances as IaaS deployments on cloud virtual machines (including Microsoft Azure VM, Amazon RDS, and AWS EC2)
Browser Requirements
  • Internet Explorer 11.x+, Google Chrome, Microsoft Edge, Mozilla Firefox, Safari

Version History

Version 3.3
  • New security regulatory guideline policy template and security checks for General Protection Data Regulation (GDPR)
  • Enable targeted auditing and reporting for Amazon RDS for SQL Server and Amazon EC2 SQL Server instances
    • Support auditing of Amazon Active Directory accounts
    • Support Windows authentication using Amazon Active Directory accounts
    • Support SQL authentication for managed cloud instances
  • Audit Full-Text Catalog objects for Azure SQL Database and Amazon RDS
  • Install SQL Secure on Azure VM and Amazon EC2 running SQL Server
Version 3.2
  • New security regulatory guideline templates
    • Center for Internet Security (CIS) for SQL Server 2014 and 2016
    • Defense Information Security Agency (DISA) and National Institute of Standards and Technology (NIST) Security Technical Implementation Guides (STIGs)
    • Sarbanes-Oxley Act, Section 404 (SOX 404)
    • North American Electric Reliability Corporation (NERC)
  • Updates to existing security templates
    • Center for Internet Security (CIS) for SQL Server 2008 R2 and 2012
    • Payment Card Industry Data Security Standard (PCI DSS)
  • New policy checks for configuration, access, auditing, and logins
  • Support for SQL Server 2017 on Windows as both a repository and a monitored server
  • Bug fixes and branding updates
Version 3.1
  • Cloud-specific capabilities for Azure-hosted SQL Server databases, including Azure SQL Database and SQL Server running on Azure Virtual Machines (VMs)
  • Expanded Security Check coverage for data protection, encryption, and firewall rules for the SQL Server platform, including Always Encrypted and Transparent Data Encryption
  • Perform security audits on Azure SQL Database instances and Azure Active Directory
  • Connect to fully qualified domain names (instead of static IP addresses) for Azure VMs and Azure SQL Database instances as registered servers
  • Installation options expanded to support hybrid cloud environments
Version 3.0
  • An automated server registration process provides an easy way to add servers to SQL Server environments and makes it just as easy to manage the security settings of 100 SQL Servers as it would be for a single SQL Server
  • The easy-to-use server group tagging functionality enables DBA teams to view and manage security policies across multiple SQL Servers using user-defined groups such as department, line of business, region or application
  • Nine additional security audit rules for Risk Assessment enable broader database access checks, configuration checks and permission checks
Version 2.9
  • Report filter to show users within a group including login name and status (enabled/disabled)
  • Filter on User Permissions report to specify users at the database level
  • Enhancements to rule filter for name matches
  • Enumerate group members across domains configured as one-way trust
  • Support for SQL Server 2016
Version 2.8
  • New security checks added to reports
  • AlwaysOn Availability Group support
  • Support for SQL Server 2014
Version 2.7
  • Support for FIPS 140 (Federal Information Processing Standard)
  • Policy templates specific to PCI (Payment Card Industry v2.0) and HIPAA regulations
  • Weak password detection for SQL server logins
  • Support for SQL Server 2012 (console, repository and management server)
Version 2.6
  • IDERA-defined policy templates that check for common security vulnerabilities and combine the most well known industry standards into three distinct levels of security
    • Level 1 – Basic establishes a realistic entry-level baseline for SQL Server databases whose third-party applications do not interface with the World Wide Web
    • Level 2 – Balanced (default) establishes a more secure baseline for production SQL Server databases that are configured to support external connectivity while protecting against the most popular intrusion tactics
    • Level 3 – Strong enables the most security checks for mission-critical SQL Server databases that support Web-based, B2B, B2C, or external clients to prevent unauthorized disclosure and data tampering
    • Updated Security Templates
      • CIS – Center for Internet Security to version 1.2.0 (SQL 2005)
      • DOD- Department of Defense – Security Technical Implementation Guide- updated to version 8.1.5 for SQL server 2005
      • 25 new security checks (login, surface area, permission, configuration, access, audit, data integrity checks)
      • Support for clustered Repository
      • Support for SQL Server 2008 R2
      • Support for SQL Server 2008 (console, repository & management server)
Version 2.5
  • Ability to globally identify SQL server permissions and over time track the changes made to the server objects and provide reports to the auditors
  • Save an Assessment of the server security report card that identifies the risks associated with regulations (such as CIS, SSR, SOX, HIPAA) and track the changes with an assessment comparison report
  • Updated Security templates
    • CIS – Center for Internet Security to version 1.1.0 (SQL 2000,2005)
    • DOD- Department of Defense – Security Technical Implementation Guide- updated to version 8.1 for SQL server 2000,2005
    • Support for SQL Server 2008 (console, repository & management server)
Version 2.0
  • Policies – checks over 60 key security standards across your entire enterprise. Contains built in policies from NIST, DISA, CIS, and others. Or you can create your own
  • Dashboard – allows you to check and see where your enterprise of SQL Servers stands at a glance. Drill down into the details of the issues. See how to remediate problems
  • Alerts – upon collection, assesses your security state according to your standards and alerts you if anything fails to meet that standard
  • Database Roles Permission Explorer – view sub-roles, role members, and assigned and effective permissions
  • SQL Server Files, Directories, and Registry Settings – browse and analyze all files, directories and registry settings associated with SQL Server and determine ownership as well as explicit and inherited security rights
  • Services – show security details of services such as logon and configuration
  • SQL Server Surface Area and Protocols – disables unused components to reduce exploit risks
  • OS Security Analysis – assess the OS setup to identify issues that would compromise SQL Server security
  • Security Scorecard – lists potential security concerns on your SQL Servers such as cross database chaining and gives you the ability to drill down to view the full details
  • Reporting Enhancements – includes new comprehensive risk assessment report, many new reports, and enhancements to all reports. Added charts for visualization. Allows you to group servers in the reports by policy group containment
null

SQL Secure Datasheet

Everything you need to know, all in one downloadable PDF.
DOWNLOAD THE DATASHEET
null

The Word on the Streets

See what everyone has to say about SQL Secure.

DOWNLOAD THE PRODUCT REVIEW PDF

null

View a Democast

Let a pro show you some tips and tricks, live and free!

REGISTER FOR A DEMOCAST

SQL Secure Product Tour

Audit SQL Server User Permissions : SQL Secure discovers security vulnerabilities and user permissions for your entire environment of SQL Server, Amazon RDS for SQL Server, and Azure SQL databases, whether deployed on physical, virtual, or cloud hosts. From a summarized view you can quickly configure your permission collection schedule, take a snapshot of your existing security permissions, explore the SQL Server users and determine the permissions currently in place. Sort, group, or export all user logins using the flexible grid view to audit and analyze user permissions.

Security Report Card : Compare and contrast security related settings across your entire enterprise of SQL Servers. SQL Secure provides an IDERA-defined Level 2 security check for balanced intrusion protection. With the security report card, the top security vulnerabilities are identified on your servers. Security audit rules for Risk Assessment enable database access checks, configuration checks and permission checks. Each security check is categorized: High Risk, Medium Risk or Low Risk.

SQL Server Policies : With over 140 policy checks in seven categories, you can quickly and easily implement security policies across your entire enterprise of SQL Server and Azure SQL Database deployments, whether on-premises or cloud-based. You can import and deploy policy templates with recommendations derived from well-known authorities such as DISA SRR, CIS, and STIG, or use the IDERA-defined templates which combine those recommendations into 3 distinct levels of protection: Basic, Balanced, Strong.

SQL Server Object Access Rights : Browse and analyze the full SQL Server object tree from server level down to object level, roles, endpoints, etc. Instantly view assigned and effective/inherited permissions and security-related properties at any object level. View and verify all users’ assigned and effective rights and permissions at the server, database and object level. You can also view the history of the audits to confirm that the number of objects, permissions, logins and accounts are consistent with what has been previously set.

SQL Secure Reporting : Use the reporting tab to quickly create reports for audited SQL Server instances, cross server logins, all servers accessed by a particular user, vulnerabilities, risk assessments, user permissions, server and database roles, and much more. Use the assessment comparison to evaluate how your server permissions comply with internal and external guidelines at multiple points in time, and be alerted of any vulnerability that differs from the saved assessment.

Take Full Control of SQL Server Permissions

Download SQL Secure Today!

See who has access to what and how permissions are granted with SQL Secure.

Fully functional for 14 days. No credit card required (but all fields are).

    Overview
    Use Cases

    DBAs have a heavy load when it comes to ensuring that their SQL Server environment complies with industry regulations such as CIS, DISA STIG, GDPR, HIPAA, NERC, NIST, PCI DSS, and SOX. Without a tool to automate the auditing and reporting, DBAs may spend days or weeks gathering and consolidating the required information.

    In this era of data breaches, protecting corporate data from unauthorized access is a high priority. SQL Server DBAs need to ensure that permissions are limited to the right levels for users and groups, and that minimum access is enforced. If any inappropriate access is attempted, the DBA needs to be promptly notified of a potential risk.

    It’s also important to ensure that permissions lists are updated regularly, particularly when people leave the organization. DBAs need to show proof that former employees or contractors no longer have access to corporate data, especially anything sensitive or mission critical. Keeping track of changes to database objects, permissions, logins, and group members is difficult when new databases and users are added.

    • Identify vulnerabilities in your SQL Server and Azure environments
    • Harden security policies across SQL Server and Azure SQL databases
    • Rank security levels with the security report card
    • Analyze and report on user permissions across database objects
    • Comply with audits using customizable regulatory guideline templates
    Identify Vulnerabilities

    Understand who has access to what and identify each user’s effective rights across all SQL Servers (on premises, private cloud, Amazon EC2 or Azure VM), Amazon RDS for SQL Server, and Azure SQL Database objects.

    Set Strong Security Policies

    View a complete history of SQL Server security set­tings and designate a baseline to compare against future changes, providing a valuable audit trail for forensic analysis.

    Prevent Security Violations

    SQL Secure provides an IDERA-defined Level 2 security check for balanced intrusion protection that leverages MSBPA and CIS guidelines, and more. The security report card identifies top security vulnerabilities on your databases and servers. Each security check is categorized as High, Medium, or Low Risk. You can drill into each security check to get more detail.

    Analyze User Permissions

    Analyze membership to powerful server roles and groups such as administrators, systems administrators, and security administrators to ensure the level of access is warranted. From a group, see the list of group members and select a member for further analysis. From a user, see the group memberships and drill upwards to view inherited permissions.

    Security Templates

    Choose from templates for CIS, DISA STIG, GDPR, HIPAA, NERC, NIST, PCI DSS, and SOX.

    Defragment Efficiently

    • Simplify the identification of fragmentation hot spots of that reduce the performance of SQL Server by automatically analyzing key indicators.
    • Efficiently manage and track the defragmentation of many SQL Servers, databases, tables, and indexes across the environment by using the central management console that provides a single pane of glass to manage settings, monitor activity, and report results.
    • Quickly find the worst fragmented indexes by viewing the color-coded enterprise dashboard with lists that can be sorted to highlight the SQL Servers, databases, tables, and indexes across the environment that are most impacted by fragmentation.
    • Minimize the time spent on defragmentation by installing and configuring SQL Defrag Manager quickly for the entire environment, and minimize the learning curve by using the intuitive graphical user interface.

    Automate Defragmentation

    • Efficiently manage the improvement of the performance of SQL Server via defragmentation by automating the processes of pinpointing fragmentation and subsequent defragmenting.
    • Reduce the time that is required to manage the maintenance on indexes by applying automation policies for defragmentation to multiple SQL Servers, databases, tables, and indexes across the environment simultaneously.

    Minimize System Impact

    • Reduce the time required to manage many defragmentation jobs for many SQL Servers across the environment by specifying the conditions for when each job is started and stopped.
    • Minimize the impact of defragmentation jobs by scheduling the jobs at optimal times (such as off-peak hours and maintenance windows) and based on the size of the indexes.
    • Avoid database contention during defragmentation jobs by checking critical indicators for the utilization of system resources before starting the jobs.

    Optimize Defragmentation

    • Improve the performance of SQL Server and reduce the frequency of defragmentation by reducing the splitting and shifting of pages by configuring the settings for the fill factor for index pages.
    • Manage evolving SQL Server environments for defragmentation by automatically adding and removing databases, tables, and indexes from policies on a daily basis.
    • Fully understand which defragmentation jobs finished successfully and which jobs were terminated prematurely by receiving email notifications for completions and exceptions.

    Report on Improvements

    • Share with management and peers the attained improvements in the performance of SQL Server due to defragmentation by generating reports that highlight the worst fragmented objects (that is, SQL Servers, databases, tables, and indexes), reclaimed resources, and other essential information.
    • Report on the achieved cost savings from defragmentation by tracking the improvements via reclaimed resources for each SQL Server, database, table, and index across the environment per day and per year.
    Details

    Security Analysis

    Effective Rights Analysis

    Analysis of users’ effective rights shows you how and where each right is granted, making it easy to pinpoint exactly what changes need to be made in order to close security holes.

    Database Roles Permissions

    View SQL Server, Amazon RDS for SQL Server, and Azure SQL database role members and sub-roles assigned and their effective permissions.

    Server Object Settings

    Browse and analyze all files, directories and registry settings associated with SQL Server and determine ownership as well as explicit and inherited security rights.

    Weak Password Detection

    Analyzes password health of SQL Server logins and reports on when passwords are weak or blank which would cause a susceptible to intrusion situation.

    Surface Area And Protocols

    Identifies services, ports, protocols and APIs that may allow SQL Server, Amazon RDS for SQL Server, or Azure SQL databases to be attacked by a malicious user. Enables you to understand and standardize which services you really need started or activated in your environment in order to reduce risk.

    OS Security Analysis

    Assess the OS setup to identify issues that would compromise SQL Server security.

    Powerful User Analysis

    Analyze membership to powerful server roles and groups such as administrators, system administrators and security administrators so you can ensure this level of access is warranted.

    Detection of Unresolved Windows Accounts

    View all logins on the target server, as well as any unresolved Windows accounts or groups.

    Server Security Properties

    Show all security related properties for servers including: version and patch level, authentication mode, audit mode, proxy account, and cross database chaining.

    Self-Auditing

    SQL Secure can monitor all activity related to SQL Secure administration.

    Security Reporting

    Pre-defined Policy Templates

    Combines the most well-known industry standards into 3 distinct levels (Basic, Balanced, Strong) that define realistic guidelines for protecting SQL Server from the most common intrusion attacks.

    Reporting Services

    Shows details of services such as log-on and configuration.

    Security Scorecard

    Lists potential security concerns on your SQL Servers such as cross-database chaining and allows you to drilldown to view the full details of the diagrammed relationships.

    History and Baselining

    The SQL Secure repository keeps a complete history of SQL Server security settings, providing the ability to designate a baseline to compare against future snapshots to detect changes. This also provides a valuable audit trail for forensic analysis and compliance reports.

    Powerful Reporting

    Built-in standard reports provide detailed information for security auditing and compliance purposes. Produce custom reports detailing the specific information required for SLAs or perform custom analysis via the data stored on the SQL Secure repository. Data can be extracted and imported to Excel.

    Risk Assessment

    Security audit rules provide visibility for database access checks, configuration checks and permission checks.

    Security Checks

    Additional checks for data protection, encryption, and firewall rules for the SQL Server, Amazon RDS for SQL Server, and Azure SQL database platforms increase security audit coverage.

    Cross-server Reporting</h35
    Shows security state from a global view (e.g. all instances with guest accounts enabled).

    Enterprise Management

    Central Console

    Provides an easy-to-use single point of control to manage the creation of collection rules and policies, view risks and assessments, monitor collection history, analyze user access rights and much more.

    Integrated Cloud Support

    Cloud-specific capabilities:

    • DBaaS: Azure-hosted and Amazon-hosted SQL Server databases, including Azure SQL Database and Amazon RDS for SQL Server
    • IaaS: SQL Server running on Azure Virtual Machines (VMs) and Amazon EC2
    Cloud Connectivity

    Connect to fully qualified domain names (instead of static IP addresses) for Azure VMs, Azure SQL Database instances, Amazon RDS, and Amazon EC2 as registered servers.

    Configurable Data Collection

    Define exactly what SQL Server security information you want to gather and when. Gathers from SQL Server on physical, virtual, or cloud hosts, Azure SQL Database, Amazon RDS for SQL Server, OS, File System, Registry, Active Directory (AD), Azure AD, and Amazon AD.

    Central Repository

    All security data collected by SQL Secure is stored in a central repository for easy reporting and forensic analysis.

    Flexible Views

    Use the flexible grid view to audit and analyze user permissions. Sort, group, or export all SQL Server logins in your enterprise. View all users’ assigned and effective rights and permissions at the server, database and object level.

    Automated Server Registration

    CSV import process provides improved support for large SQL Server environments with significant gains in time to value.

    Server Group Tagging

    Enables DBA teams to assign servers to groups, then view and manage security policies according to group designations.

    Tec Specs

    System Requirements

    Management Console
    • Windows 7 SP1+, Windows 8, Windows 10, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, Windows Server 2016
    • Microsoft .NET 4.5 SP1 or later
    • MDAC 2.8 or later
    Collection Server & Data Repository
    • OS: Windows 7 SP1+, Windows 8, Windows 10, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, Windows Server 2016
    • Database: SQL Server 2008 R2, SQL Server 2012, SQL Server 2014, SQL Server 2016, SQL Server 2017 (Windows)
    Microsoft SQL Server for Audited Instances
    • SQL Server 2000, SQL Server 2005, SQL Server 2008 SP1, SQL Server 2008 R2, SQL Server 2012 SP1, SQL Server 2014, SQL Server 2016, SQL Server 2017 (Windows), SQL Instances running in Azure VM and Amazon EC2, Azure SQL Database, Amazon RDS for SQL Server

    SQL Secure does not install any components, DLLs, scripts, stored procedures or tables on the SQL Server instances being monitored.

    Cloud
    • Runs on cloud virtual machines (such as Microsoft Azure VM and AWS EC2) with Microsoft Windows
    • Monitors and audits Azure SQL Database and Microsoft SQL Server instances as IaaS deployments on cloud virtual machines (including Microsoft Azure VM, Amazon RDS, and AWS EC2)
    Browser Requirements
    • Internet Explorer 11.x+, Google Chrome, Microsoft Edge, Mozilla Firefox, Safari

    Version History

    Version 3.3
    • New security regulatory guideline policy template and security checks for General Protection Data Regulation (GDPR)
    • Enable targeted auditing and reporting for Amazon RDS for SQL Server and Amazon EC2 SQL Server instances
      • Support auditing of Amazon Active Directory accounts
      • Support Windows authentication using Amazon Active Directory accounts
      • Support SQL authentication for managed cloud instances
    • Audit Full-Text Catalog objects for Azure SQL Database and Amazon RDS
    • Install SQL Secure on Azure VM and Amazon EC2 running SQL Server
    Version 3.2
    • New security regulatory guideline templates
      • Center for Internet Security (CIS) for SQL Server 2014 and 2016
      • Defense Information Security Agency (DISA) and National Institute of Standards and Technology (NIST) Security Technical Implementation Guides (STIGs)
      • Sarbanes-Oxley Act, Section 404 (SOX 404)
      • North American Electric Reliability Corporation (NERC)
    • Updates to existing security templates
      • Center for Internet Security (CIS) for SQL Server 2008 R2 and 2012
      • Payment Card Industry Data Security Standard (PCI DSS)
    • New policy checks for configuration, access, auditing, and logins
    • Support for SQL Server 2017 on Windows as both a repository and a monitored server
    • Bug fixes and branding updates
    Version 3.1
    • Cloud-specific capabilities for Azure-hosted SQL Server databases, including Azure SQL Database and SQL Server running on Azure Virtual Machines (VMs)
    • Expanded Security Check coverage for data protection, encryption, and firewall rules for the SQL Server platform, including Always Encrypted and Transparent Data Encryption
    • Perform security audits on Azure SQL Database instances and Azure Active Directory
    • Connect to fully qualified domain names (instead of static IP addresses) for Azure VMs and Azure SQL Database instances as registered servers
    • Installation options expanded to support hybrid cloud environments
    Version 3.0
    • An automated server registration process provides an easy way to add servers to SQL Server environments and makes it just as easy to manage the security settings of 100 SQL Servers as it would be for a single SQL Server
    • The easy-to-use server group tagging functionality enables DBA teams to view and manage security policies across multiple SQL Servers using user-defined groups such as department, line of business, region or application
    • Nine additional security audit rules for Risk Assessment enable broader database access checks, configuration checks and permission checks
    Version 2.9
    • Report filter to show users within a group including login name and status (enabled/disabled)
    • Filter on User Permissions report to specify users at the database level
    • Enhancements to rule filter for name matches
    • Enumerate group members across domains configured as one-way trust
    • Support for SQL Server 2016
    Version 2.8
    • New security checks added to reports
    • AlwaysOn Availability Group support
    • Support for SQL Server 2014
    Version 2.7
    • Support for FIPS 140 (Federal Information Processing Standard)
    • Policy templates specific to PCI (Payment Card Industry v2.0) and HIPAA regulations
    • Weak password detection for SQL server logins
    • Support for SQL Server 2012 (console, repository and management server)
    Version 2.6
    • IDERA-defined policy templates that check for common security vulnerabilities and combine the most well known industry standards into three distinct levels of security
      • Level 1 – Basic establishes a realistic entry-level baseline for SQL Server databases whose third-party applications do not interface with the World Wide Web
      • Level 2 – Balanced (default) establishes a more secure baseline for production SQL Server databases that are configured to support external connectivity while protecting against the most popular intrusion tactics
      • Level 3 – Strong enables the most security checks for mission-critical SQL Server databases that support Web-based, B2B, B2C, or external clients to prevent unauthorized disclosure and data tampering
      • Updated Security Templates
        • CIS – Center for Internet Security to version 1.2.0 (SQL 2005)
        • DOD- Department of Defense – Security Technical Implementation Guide- updated to version 8.1.5 for SQL server 2005
        • 25 new security checks (login, surface area, permission, configuration, access, audit, data integrity checks)
        • Support for clustered Repository
        • Support for SQL Server 2008 R2
        • Support for SQL Server 2008 (console, repository & management server)
    Version 2.5
    • Ability to globally identify SQL server permissions and over time track the changes made to the server objects and provide reports to the auditors
    • Save an Assessment of the server security report card that identifies the risks associated with regulations (such as CIS, SSR, SOX, HIPAA) and track the changes with an assessment comparison report
    • Updated Security templates
      • CIS – Center for Internet Security to version 1.1.0 (SQL 2000,2005)
      • DOD- Department of Defense – Security Technical Implementation Guide- updated to version 8.1 for SQL server 2000,2005
      • Support for SQL Server 2008 (console, repository & management server)
    Version 2.0
    • Policies – checks over 60 key security standards across your entire enterprise. Contains built in policies from NIST, DISA, CIS, and others. Or you can create your own
    • Dashboard – allows you to check and see where your enterprise of SQL Servers stands at a glance. Drill down into the details of the issues. See how to remediate problems
    • Alerts – upon collection, assesses your security state according to your standards and alerts you if anything fails to meet that standard
    • Database Roles Permission Explorer – view sub-roles, role members, and assigned and effective permissions
    • SQL Server Files, Directories, and Registry Settings – browse and analyze all files, directories and registry settings associated with SQL Server and determine ownership as well as explicit and inherited security rights
    • Services – show security details of services such as logon and configuration
    • SQL Server Surface Area and Protocols – disables unused components to reduce exploit risks
    • OS Security Analysis – assess the OS setup to identify issues that would compromise SQL Server security
    • Security Scorecard – lists potential security concerns on your SQL Servers such as cross database chaining and gives you the ability to drill down to view the full details
    • Reporting Enhancements – includes new comprehensive risk assessment report, many new reports, and enhancements to all reports. Added charts for visualization. Allows you to group servers in the reports by policy group containment
    Resources
    null

    SQL Secure Datasheet

    Everything you need to know, all in one downloadable PDF.
    DOWNLOAD THE DATASHEET
    null

    The Word on the Streets

    See what everyone has to say about SQL Secure.

    DOWNLOAD THE PRODUCT REVIEW PDF

    null

    View a Democast

    Let a pro show you some tips and tricks, live and free!

    REGISTER FOR A DEMOCAST

    Tour

    SQL Secure Product Tour

    Audit SQL Server User Permissions : SQL Secure discovers security vulnerabilities and user permissions for your entire environment of SQL Server, Amazon RDS for SQL Server, and Azure SQL databases, whether deployed on physical, virtual, or cloud hosts. From a summarized view you can quickly configure your permission collection schedule, take a snapshot of your existing security permissions, explore the SQL Server users and determine the permissions currently in place. Sort, group, or export all user logins using the flexible grid view to audit and analyze user permissions.

    Security Report Card : Compare and contrast security related settings across your entire enterprise of SQL Servers. SQL Secure provides an IDERA-defined Level 2 security check for balanced intrusion protection. With the security report card, the top security vulnerabilities are identified on your servers. Security audit rules for Risk Assessment enable database access checks, configuration checks and permission checks. Each security check is categorized: High Risk, Medium Risk or Low Risk.

    SQL Server Policies : With over 140 policy checks in seven categories, you can quickly and easily implement security policies across your entire enterprise of SQL Server and Azure SQL Database deployments, whether on-premises or cloud-based. You can import and deploy policy templates with recommendations derived from well-known authorities such as DISA SRR, CIS, and STIG, or use the IDERA-defined templates which combine those recommendations into 3 distinct levels of protection: Basic, Balanced, Strong.

    SQL Server Object Access Rights : Browse and analyze the full SQL Server object tree from server level down to object level, roles, endpoints, etc. Instantly view assigned and effective/inherited permissions and security-related properties at any object level. View and verify all users’ assigned and effective rights and permissions at the server, database and object level. You can also view the history of the audits to confirm that the number of objects, permissions, logins and accounts are consistent with what has been previously set.

    SQL Secure Reporting : Use the reporting tab to quickly create reports for audited SQL Server instances, cross server logins, all servers accessed by a particular user, vulnerabilities, risk assessments, user permissions, server and database roles, and much more. Use the assessment comparison to evaluate how your server permissions comply with internal and external guidelines at multiple points in time, and be alerted of any vulnerability that differs from the saved assessment.

    Download

    Take Full Control of SQL Server Permissions

    Download SQL Secure Today!

    See who has access to what and how permissions are granted with SQL Secure.

    Fully functional for 14 days. No credit card required (but all fields are).

      START FOR FREE

      No credit card required. Fully functioanal for 14 days!

      Buy Now

      Includes first year of maintenance.
      Volume discounts available

      Add to Cart

      Save up to 45% with license pack bundles.

      Request a Quote

      Live Product Demo

      See SQL Secure in action with a seasoned pro.

      Request a Demo
      START FOR FREE

      No credit card required. Fully functioanal for 14 days!