To view this email as a web page, go here.
To ensure future delivery of emails, please add news@idera.com to your safe sender list or address book.

     ISSUE 15  |  November 2006

Focus on: SQL Server Security

Welcome to SQLsmarts, Idera’s monthly newsletter for SQL Server Professionals! We welcome your questions, comments or suggestions.
Email us at SQLsmartseditor@Idera.com.

 Product News

New SQLsecure:
Powerful security analysis & auditing for SQL Server

Do you really know who has access to your SQL Server data or exactly what rights each user has been granted? SQL Server 2005 introduces major security enhancements that give database administrators more control over who has access to sensitive SQL Server data. These new features provide “granular permission control” and can be very powerful, but also very dangerous if not used properly.

For example, let’s say you need to give a user access to one object. SQL Server 2005 provides granular permissions at the server level, database level, schema level, object level, and principal level. Therefore, when you grant permission at a schema level, the principal will actually get that permission on all objects in the specified schema – not just on one object. In short, unless you are planning ahead, some users may end up with access rights that you didn’t want them to have!

With Idera’s new product, SQLsecure, you don’t need to worry about how to verify exactly who has access to what or how those rights were obtained. You can quickly and easily determine whether your data is properly secured. SQLsecure automatically assesses, audits, and monitors all user and object security permissions and settings throughout your SQL Server 2000 or 2005 environments as well as  the associated user and group information in AD domains and local computers – helping you keep users in check, eliminate security holes, meet compliance requirements, and ensure the integrity of your company’s SQL Server data.

SQLsecure will help you lock down and manage SQL Server Security like a Superhero. You’ll be able to:

  • Quickly determine who has access to SQL Server and how the rights were obtained
  • Automatically assess effective access rights and permissions for any user, group, or object
  • Evaluate permissions at multiple levels of SQL Server, including at the Windows level, the database level and the Active Directory level
  • Analyze all SQL Server security settings across all servers from a central point of control
  • Monitor any changes made to permissions or security settings
  • Use pre-defined templates to easily create entitlement reports to satisfy security audit or compliance requirements

What’s more, SQLsecure installs in minutes and is extremely easy-to-use. Like all of Idera’s solutions, you don’t have to be a SQL Server expert to use and understand the product!

DOWNLOAD: Try SQLsecure Free for 14 days!
LEARN MORE


Announcing SQL diagnostic manager v4.5:
Real-time performance monitoring & deep diagnostics for SQL Server

Designed to meet the needs of enterprise-scale SQL Server implementations, SQL diagnostic manager provides industry-leading performance monitoring, powerful alerting, and deep diagnostics for SQL Server environments. Easy-to-install and implement, SQL diagnostic manager provides continuous, low-impact monitoring of all SQL Servers throughout an enterprise from a central point of control. SQL diagnostic manager was recently chosen as the best SQL Server performance monitoring solution in SQL Server Magazine’s 2006 Editor’s Choice Awards.

New features delivered in SQL diagnostic manager v4.5 include:
  • Operating System Metrics Collection – Collect metrics and alert on CPU, Memory and Disk utilization of the operating system.
  • Most Frequently Run Queries – Provide the ability to view the list of the most frequently run queries.
  • Maintenance Mode – Provide the ability for a particular instance to be placed in maintenance mode, which turns off data collection and alerting during critical maintenance periods.

DOWNLOAD: Try SQL diagnostic manager v4.5 Free for 14 days!
LEARN MORE


 Live Web Seminar

Register Now to Attend This Live Web Seminar:
SQL Server 2005 Security Simplified: Managing Permissions
 Hosted by: Idera, Solid Quality Learning, and SQL Server Magazine
November 9, 2006
9 AM Pacific | 11 AM Central | 12 PM Eastern

Are you confused about how the new security permission model works in SQL Server 2005? Are you planning your migration and need to make sure that the security around your data is correct? This Web seminar – hosted by Idera, Solid Quality Learning & SQL Server Magazine – will show you how you can ensure that only authorized users have access to your SQL Servers and that your security model is solid.

This live Web seminar will give you a primer on SQL Server 2005 security, including:
  • The new permission security model in SQL Server 2005
  • How permissions work in SQL Server 2005
  • How users receive permissions
  • How the different levels of the permission hierarchy can be used to fine-tune user permissions in SQL Server 2005
  • New software from Idera: SQLsecure, security auditing and analysis for SQL Server

Register Now

SPEAKERS:
Randy Dyess, Mentor, Solid Quality Learning
Randy has a large variety of experiences dealing with SQL Server over the past nine years and has worked with environments with Terabytes of data and environments that had thousands of databases with just megabytes of data in each database. Currently, Randy is a mentor with Solid Quality Learning. Randy is the author of TransactSQL Language Reference Guide, coauthor of MCTS Self-Paced Training Kit: Microsoft SQL Server 2005 Implementation and Maintenance (Exam 70-431) and numerous magazine and newsletter articles pertaining to SQL Server. He is also the founder and principle author of www.TransactSQL.Com and www.Database-Security.Info. Randy is a member of the Board of Directors for PASS and is the Director of Programs for the North Texas SQL Server Users Group.

Michael Frank, Director of Technology, Idera
Mike Frank has over 17 years of experience in systems and database management technology including IT security, database management, and meeting federal regulatory requirements. Mike plays an instrumental role in the product planning and development at Idera and has helped the company bring several SQL Server security and compliance products to market including Idera's newest product – SQLsecure.
 
 Tech Tips

New SQL Server 2005 Security Terminology
Excerpt from: Microsoft SQL Server 2005: Changing the Paradigm
Written by: Scalability Experts, Inc.

The following are some important permissions terms that are new in SQL Server 2005:

  • Principal: A generic term that can be used to refer to an individual Windows login or a Windows group, a SQL login, a database user, an application role, or a database role, which is used for authentication and authorization purposes in SQL Server. The sa SQL Server login and BUILTIN/Administrators Windows group are examples of principals. Each principal has a unique SID. The sys.server_principals and sys.database_principals catalog views can be used to view a list of server-level and database-level principals, respectively.
  • Securables: Items like endpoints, databases, tables, views, functions, procedures, and so on that you can secure at the server level, database level, or schema level.
  • Grantor: The principal that grants a permission
  • Grantee: The principal to whom the permission is granted

 Webcast

New On-Demand Webcast!

Best Practices & Tools for SQL Server Change Management
Presented by: SSWUG.org and Idera
  • Does managing change in your SQL Servers cause you headaches?
  • Do you have problems rolling new databases into production?
  • Do you have problems with unplanned and unauthorized changes?

This archived event, presented by Stephen Wynkoop, Editor of SSWUG.org and Microsoft MVP, and Idera will be a great refresher on how to build a development/test/production environment database flow. You’ll also get advice and information you need to best manage changes across your SQL Server environment.

You’ll also see a full demonstration of Idera’s SQL change manager including how the product can help you:

  • Monitor, track & manage SQL Server schema changes enterprise-wide
  • Roll back erroneous changes
  • Roll out schema changes and updates from development to production
  • Keep snapshots of all schema versions
  • Produce change reports for compliance purposes

View the Webcast now
 
 Feedback

We want to hear from you!

Do you have an interesting story about how Idera product(s) have helped you? Want to share a product tip, trick or hint? Have product suggestions or questions?

Your feedback helps us ensure that our newsletter is helpful! You may even find your input published here in future newsletters.

Please send your comments and suggestions to SQLsmartseditor@idera.com
 
 
  Try SQLsecure free for 14 days!
DOWNLOAD NOW   

Click to Enlarge

Visit Idera at these upcoming events:

  • Idera Hosts the Microsoft Across America Truck:

  • 2006 Softchoice Technology Optimization Roadshow:

 


Buy the Book Online
 
 

This email was sent by: %%Member_Busname%%
%%Member_Addr%% %%Member_City%%, %%Member_State%%, %%Member_PostalCode%%, %%Member_Country%%

    Update Profile    Unsubscribe