2018-08-05T06:48:00Z

What needs improvement with IDERA SQL Compliance Manager?

Julia Miller - PeerSpot reviewer
  • 0
  • 9
PeerSpot user
5

5 Answers

TT
Real User
Top 20
2022-08-29T19:17:45Z
Aug 29, 2022

The solution could be improved by using the proper filtration, navigation of the information it captured, and being more organized.

Search for a product comparison
RA
Real User
2018-09-25T09:23:00Z
Sep 25, 2018

We are not on the latest version yet so I'm not sure if that version is a lot better in terms of grooming/archiving.

KB
Real User
2018-09-16T12:29:00Z
Sep 16, 2018

The set up is kind of clunky, in my opinion. It's not really intuitive. If they had either a smoother install or better instructions, that would be nice.

JH
Real User
2018-08-16T08:29:00Z
Aug 16, 2018

There is an agent that collects the data on SQL Server. Sometimes it will stop collecting. I'm not exactly sure what's happening but I have to go in and manually restart the agent. It would be nice if the central collection server could send a request to the agent to restart. "Oh, you haven't collected data for a week or two, go ahead and restart." Whenever we restart the agent, it starts collecting data again. I have my own script. It checks the data collection to see how old it is. If it's over two days stale then I restart the agent. It would be nice if the tool itself could do that.

MH
Real User
2018-08-05T06:48:00Z
Aug 5, 2018

What would really be nice is if it were a bit more flexible, in several ways. The assistant for creating rules is nice, as it looks like Microsoft Outlook, but it's not flexible enough. What would really a good thing is if you could refer to an external list or table for filtering on, say, certain applications, IP addresses, or host names; or perhaps even combinations of host name and application name. Because in our environment, we're suffering from the fact that we have a huge amount of login events. A really huge amount of login events. We have gigabytes of login and logout from the same application; sometimes, several thousand times within one second. These are very badly coded applications for sure, but we have a lot of that. We didn't code them ourselves. It's bought software. We need filter rules for certain combinations as I mentioned above. These rules have to be maintained and have to be audited by the people that take care of the applications that cause the login events. It's difficult for us because we don't want to give them access to Compliance Manager. What would very much easier for us is to give them some kind of self-service to take care of a list of a combination of host, account, and application name, because only they know whether this combination is valid or not. They know how their application service is named and what services they're using. They have to maintain this list. It would be much easier if there was a table that we would maintain, or they would maintain via self-service, and we could use this table to establish these filter rules. At the moment, we have to check all the rules after this table is maintained by our colleagues who maintain or run the applications. After that, I wrote a stored procedure that creates, depending on the table, new rules in Compliance Manager, but that's a workaround. It's not a really nice solution, so it would be much better if Compliance Manager would have functionality like that built in. That's one thing. Another nice feature would be concerning GDPR: some kind of base-lining of database access or some kind of inventory for tables or certain columns or types of columns. IDERA already has several other tools, free tools, to search for certain criteria of columns holding things like credit card numbers, for example. It would be nice if that would be a feature within Compliance Manager, as it's very a very similar thing, it goes hand in hand.

Find out what your peers are saying about IDERA, IBM, Imperva and others in Database Security. Updated: March 2024.
765,386 professionals have used our research since 2012.
Database Security
What is database security? Database security consists of a range of security controls, tools and practices designed to protect the database management system (DBMS). There are several security measures your organization should implement, from protecting the physical infrastructure holding the servers to securing the network and access to the data. Database security tools and practices should protect: Data inside the database The database management system Data in transit from and to...
Download Database Security ReportRead more