SQL secure


Security Analysis and Auditing

Product Highlights

bullet Evaluate the state of security across all SQL Servers
bullet Analyze user and group effective access rights
bullet View inherited rights on server or database objects
bullet Receive proactive alerts on security risks and vulnerabilities
bullet Track compliance with security standards from DISA, CIS and NSA
bullet Satisfy audit requirements with entitlement reports
 

Why SQLsecure?

Idera SQLsecure helps to identify holes in SQL Server security and ensure compliance with increasing audit requirements. SQLsecure collects and analyzes permissions data from SQL Server and Active Directory as well as the file system and registry to show who has access to what database objects and how that access is granted. SQLsecure also monitors changes made to access rights so that unwanted changes can be easily identified and fixed. In SQLsecure also collects and evaluates key security settings within SQL Server and provides proactive recommendations to improve server security..

SQL secure
Click to enlarge

Key Benefits

Powerful Security Model Analyses
Security Model Analysis
– SQLsecure gathers a complete picture of the security of your SQL Server environment, including: 

bullet

Effective User Permissions – select a user and discover all assigned and effective rights and permissions at the server, database and object level.

bullet

Users and Groups – drill up or down on users and groups. From a group, see the list of users or groups and select for further analysis. From a user, see the group memberships and drill upwards to review the inherited permissions.

bullet

Object Access Rights – browse and analyze the full SQL Server object tree from server level down to object level (tables, etc), roles, endpoints etc. Instantly view assigned and effective/inherited permissions and security-related properties at any object level.

Detect Threats, Changes and Policy Violations
SQLsecure contains built-in best-practice security policies and remediation guidance based on known standards from organizations such as DISA, CIS, NIST, and others. Additionally, you can create custom policies to track compliance with your own corporate standards. Policy reports evaluate the state of security on your servers and built-in alerts notify you immediately when servers fall out of compliance.

Comprehensive Security and Entitlement Reporting
SQLsecure provides built-in reports designed in partnership with IT security professionals and major auditing firms to support compliance standards such as ISO and COBIT

Regulations Covered

bullet PCI DSS v 1.1 Payment Card Industry
bullet VISA CISP
bullet Basel II Capital Accord (ISO 17799:2000)
bullet SOA Sarbanes-Oxley Act Section 404 (COSO, CobiT)
bullet HIPAA Health Insurance Portability And Accountability Act of 1996
bullet GLBA Gramm-Leach-Bliley Act of 1999
bullet NERC Standard 1200
bullet FISMA (NIST 800-53 Draft)

Standards, Policies & Gudelines Covered

bullet ISO 17799:2000
bullet CIS Benchmark for SQL Server
bullet DISA Database STIG Security Checklist for MS SQL Server
bullet NSA Systems and Network Attack Center (SNAC) Guidelines for SQL Server 2000


 

Copyright | SQL Tools | Legal | Privacy