Management Console

• Windows 2000 Server SP4 or later, Windows XP SP2 or later, Windows Server 2003 SP2 or later, Windows Server 2008, Windows Server 2008 R2, Windows Vista Business and Enterprise, Windows 7
• Microsoft .NET 2.0 SP1 or later
• IE 7.0 or later for online Help
• MDAC 2.8 or later

Data Repository

• SQL Server 2005 SP1 or later, SQL Server 2008, SQL Server 2008 R2

Microsoft SQL Server for Audited Instances

• SQL Server 2000, SQL Server 2005 or later, SQL Server 2008, SQL Server 2008 R2

SQL secure does not install any components, DLLs, scripts, stored procedures or tables on the SQL Server instances being monitored.

New in Version 2.6 - Released 5/25/2010 - Release Notes

• Idera defined policy templates that check for common security vulnerabilities and combine the most well known industry standards into three distinct levels of security
  • Level1 - Basic establishes a realistic entry-level baseline for SQL Server databases whose third-party applications do not interface with the World Wide Web
  • Level 2 - Balanced (default) establishes a more secure baseline for production SQL Server databases that are configured to support external connectivity while protecting against the most popular intrusion tactics
  • Level 3 - Strong enables the most security checks for mission-critical SQL Server databases that support Web-based, B2B, B2C, or external clients to prevent unauthorized disclosure and data tampering
    
• Updated Security Templates
  • CIS – Center for Internet Security to version 1.2.0 (SQL 2005)
  • DOD- Department of Defense – Security Technical Implementation Guide- updated to version 8.1.5 for SQL server 2005
    
• 25 new security checks (login, surface area, permission, configuration, access, audit, data integrity checks)
  
• Support for clustered Repository
  
• Support for SQL Server 2008 R2
  
• Support for SQL Server 2008 (console, repository & management server)
  

New in Version 2.5

• Ability to globally identify SQL server permissions and over time track the changes made to the server objects and provide reports to the auditors
  
• Save an Assessment of the server security report card that identifies the risks associated with regulations like (CIS,SRR,SOX,HiPAA) and track the changes with an assessment comparison report
  
• Updated Security templates
  • CIS – Center for Internet Security to version 1.1.0 (SQL 2000,2005)
  • DOD- Department of Defense – Security Technical Implementation Guide- updated to version 8.1 for SQL server 2000,2005
    
• Support for SQL Server 2008 (console, repository & management server)
  

New in Version 2.0

• Policies – checks over 60 key security standards across your entire enterprise. Contains built in policies from NIST, DISA, CIS, and others. Or you can create your own.
  
• Dashboard – allows you to check and see where your enterprise of SQL Servers stands at a glance. Drill down into the details of the issues. See how to remediate problems.
  
• Alerts – upon collection assesses your security state the according to your standards and alerts you if anything fails to meet that standard.
  
• Database Roles Permission Explorer – view sub-roles, role members, assigned and effective permissions.
  
• SQL Server Files, Directories, and Registry Settings – browse and analyze all files, directories and registry settings associated with SQL Server and determine ownership as well as explicit and inherited security rights.
  
• Services – show security details of services such as logon and configuration.
  
• SQL Server Surface Area and Protocols – disables unused components to reduce exploit risks.
  
• OS Security Analysis – assess the OS setup to identify issues that would compromise SQL Server security.
  
• Security Scorecard – lists potential security concerns on your SQL Servers such as cross database chaining and gives you the ability to drill down to view the full details.
  
• Reporting Enhancements – includes new comprehensive risk assessment report, many new reports, and enhancements to all reports. Added charts for visualization. Allows you to group servers in the reports by policy group containment.
  

Powerful Security Model Analyses

Continuous Change Monitoring

Comprehensive Security and Entitlement Reporting