Easily apply the right auditing settings to your servers and databases for Payment Card Industry (PCI), Family Educational Rights and Privacy Act (FERPA), Sarbanes Oxley Act (SOX), and Health Insurance Portability and Accountability Act (HIPAA) regulations. Extensive research is no longer required as you can simply define the objects and apply the (out-of-the-box) customizable templates.
Audit & Alert on Sensitive Columns
Audit any combination of columns and track who has issued “SELECT” statements against any table whether they are end-users or privileged users. Additionally, you can be alerted when any combination of columns are accessed.
Audit data changes on any table so you can compare before and after data values resulting from inserts, updates and deletions.
Audit Privileged Users
Allows you to include user-defined events (custom SQL Server event types) selected from a list in audited activities. You can audit, alert on, and filter user-defined events. Privileged user auditing is key to ensure all access to databases can be tracked and reported.
Low-overhead Data Collection
A lightweight agent captures data from the SQL Server trace files in real-time and extracts the selected events for auditing. The data collected is saved to the repository in scheduled batches.
Tamper-proof Audit Data Repository
Guarantees the integrity of audit data by providing an immutable repository – any attempts at changing or tampering with the audit data can be detected. In addition, powerful self-auditing features capture and alert on all changes to auditing policies and data collection parameters.
Users can be granted auditor privileges only. Users in the auditor role have read-only permission. This supports report and query execution as well as self-audit, integrity reporting, and alerting of changes to SQL compliance manager configuration and data collection parameters.
Powerful filtering capabilities enable you to collect only what is important for audit and compliance; reducing data collection, transmission and storage overhead.
Provides customized alerting for over 200 specific SQL Server Event types, allowing you to define rules to receive immediate notification when critical SQL server events occur. These events are stored in the audit repository, can be emailed directly to a user and/or written to an event log that feeds an in-house operations monitor system (e.g. SCOM).
Configure multiple event threshold levels and set alerts. Be alerted through email, windows event log, or SNMP when they are exceeded.
Supports comprehensive auditing of database events. For example, events can be captured for data changes resulting from INSERT, UPDATE, or DELETE activity on tables, or additional application context can be included within your audit trail.
User-Defined Event Auditing
Allows you to include user-defined events (custom SQL Server event types) selected from a list in audited activities. You can audit, alert on, and filter user-defined events.
Central Management Console
With the flexibility to utilize both a Windows or web-based console, SQL Compliance Manager provides enterprises multiple options to deploy and manage compliance based on their IT environment and needs. This enables rapid configuration and deployment of SQL compliance manager agents as well as real-time monitoring of agent activity and the audit data stream. This makes it easy to manage and track audit activity over a large number of servers.
Guided Instance Install
Guided installation wizard makes registering new SQL Server instances with SQL Compliance Manager fast and easy. This ensures permissions and rights are set correctly to monitor the new instance.
Central Data Repository
A central repository houses all audit data. The published, user-friendly repository schema enables easy development of queries and custom reports. In addition, multiple repositories may be used where required for security partitioning purposes.
Dynamic Deployment Technology
Automatically deploys and configures the SQL compliance manager agents, enabling rapid deployment and eliminating the need for time consuming software installs on your SQL servers.
Efficient Data Archive
Built-in archiving mechanisms enable archiving to be scheduled on any frequency and archives can easily be restored to the current audit data repository or a separate repository. Additionally, you can easily leverage SQL safe, IDERA’s high-performance backup solution, to compress and encrypt audit data archives.
Availability Group Support
Automatically switches the auditing from primary to the secondary replica in the event of failure as well as failback to primary when it comes back online. No loss of audit data trail in the event of failure.