![IDERA SQL Compliance Manager vs. McAfee Vulnerability Manager for Databases [EOL] report](https://www.peerspot.com/assets/media/images/icons/pdf-80836ec55e578300f3745ed6bfc69a24a4e8d0bc.svg){kind=icon}
![McAfee Vulnerability Manager for Databases [EOL] Logo](https://images.peerspot.com/image/upload/c_scale,f_auto,q_auto,w_64/KhY3BKx8jXkMHFMEa3DJ8dKd.jpg)
![McAfee Vulnerability Manager for Databases [EOL] Logo](https://images.peerspot.com/image/upload/c_scale,f_auto,q_auto,w_30/KhY3BKx8jXkMHFMEa3DJ8dKd.jpg){kind=small}
![McAfee Vulnerability Manager for Databases [EOL] Logo](https://images.peerspot.com/image/upload/c_scale,f_auto,q_auto,w_40/KhY3BKx8jXkMHFMEa3DJ8dKd.jpg){kind=small}
What would really be nice is if it were a bit more flexible, in several ways. The assistant for creating rules is nice, as it looks like Microsoft Outlook, but it's not flexible enough. What would really a good thing is if you could refer to an external list or table for filtering on, say, certain applications, IP addresses, or host names; or perhaps even combinations of host name and application name. Because in our environment, we're suffering from the fact that we have a huge amount of login events. A really huge amount of login events. We have gigabytes of login and logout from the same application; sometimes, several thousand times within one second. These are very badly coded applications for sure, but we have a lot of that. We didn't code them ourselves. It's bought software. We need filter rules for certain combinations as I mentioned above. These rules have to be maintained and have to be audited by the people that take care of the applications that cause the login events. It's difficult for us because we don't want to give them access to Compliance Manager. What would very much easier for us is to give them some kind of self-service to take care of a list of a combination of host, account, and application name, because only they know whether this combination is valid or not. They know how their application service is named and what services they're using. They have to maintain this list. It would be much easier if there was a table that we would maintain, or they would maintain via self-service, and we could use this table to establish these filter rules. At the moment, we have to check all the rules after this table is maintained by our colleagues who maintain or run the applications. After that, I wrote a stored procedure that creates, depending on the table, new rules in Compliance Manager, but that's a workaround. It's not a really nice solution, so it would be much better if Compliance Manager would have functionality like that built in. That's one thing. Another nice feature would be concerning GDPR: some kind of base-lining of database access or some kind of inventory for tables or certain columns or types of columns. IDERA already has several other tools, free tools, to search for certain criteria of columns holding things like credit card numbers, for example. It would be nice if that would be a feature within Compliance Manager, as it's very a very similar thing, it goes hand in hand.
