Click here to monitor SSC
SQLServerCentral is supported by Red Gate Software Ltd.
 
Log in  ::  Register  ::  Not logged in
 
 


 
     
Recent Posts
   
Popular Topics
Home   
Search
    Members    Calendar    Who's On

Home » SQL Server 7,2000 » Sarbanes-Oxley » Looking for Security Auditing solution
Add to briefcase
20 posts, Page 1 of 2
12»»

Looking for Security Auditing solution Expand / Collapse
Rate Topic
Display Mode
Topic Options
Author
Message
Jack Henry
Posted Friday, September 30, 2005 2:02 PM
Forum Newbie

Forum NewbieForum NewbieForum NewbieForum NewbieForum NewbieForum NewbieForum NewbieForum Newbie

Group: General Forum Members
Last Login: Tuesday, August 15, 2006 9:37 PM
Points: 1, Visits: 1

I am looking for a security auditing solution. Any feedback on 3rd party vendors that supply these solutions?

Thanks,

Jack
Post #225294
Site Owners
Posted Monday, October 03, 2005 8:00 AM
SSChampion

SSChampionSSChampionSSChampionSSChampionSSChampionSSChampionSSChampionSSChampionSSChampionSSChampion

Group: General Forum Members
Last Login: Friday, May 18, 2007 3:36 PM
Points: 10,040, Visits: 1
No one has responded to this topic yet. Even if you don't have a complete answer, the original poster will appreciate any thoughts you have!
Post #225507
Erich Brinker
Posted Monday, October 03, 2005 8:40 AM
SSC Veteran

SSC VeteranSSC VeteranSSC VeteranSSC VeteranSSC VeteranSSC VeteranSSC VeteranSSC Veteran

Group: General Forum Members
Last Login: Saturday, December 10, 2011 6:38 AM
Points: 215, Visits: 633
I know there is something from Idera called SQL Compliance Manager that is designed for meeting SOX requirements.  It is around 975.00 per server and will hit for a 5%(according to their sales folks) rise in CPU processing. 
Post #225531
Carl Federl
Posted Thursday, October 27, 2005 12:23 PM
SSCrazy

SSCrazySSCrazySSCrazySSCrazySSCrazySSCrazySSCrazySSCrazy

Group: General Forum Members
Last Login: Today @ 11:54 AM
Points: 2,224, Visits: 4,080
What do you mean by an Security Auditing solution ?
Some possibilites include:

Process and procedures to managing SQL Server Security rights such as creating logins, changing passwords, granting roles, etc.

Tracking security activity on the SQL server such as login successes and login failures.

Tracking environmental changes such as changes to tables, views, stored procedures, etc.

SQL = Scarcely Qualifies as a Language
Post #233075
Mike-263299
Posted Friday, October 28, 2005 8:43 AM
Valued Member

Valued MemberValued MemberValued MemberValued MemberValued MemberValued MemberValued MemberValued Member

Group: General Forum Members
Last Login: Thursday, January 14, 2010 12:46 PM
Points: 51, Visits: 38

We're looking at Lumigent's AuditDB solution right now...

http://www.lumigent.com/products/auditdb_sql.html

Might want to check it out...
Post #233349
David Brountas
Posted Monday, November 28, 2005 2:02 PM
Grasshopper

GrasshopperGrasshopperGrasshopperGrasshopperGrasshopperGrasshopperGrasshopperGrasshopper

Group: General Forum Members
Last Login: Monday, October 09, 2006 10:17 PM
Points: 16, Visits: 1

This depends solely on the type of business you are in. I am curious as to the level of auditing as well. Can you clarify the goals you are looking to accomplish?

Is this specifically a SQL security project or are you looking for a full level security audit which might include infrastructure assessments, server and router hardening etc.

David.
Post #240119
Joseph Mulhall
Posted Tuesday, December 06, 2005 7:25 AM
SSC Veteran

SSC VeteranSSC VeteranSSC VeteranSSC VeteranSSC VeteranSSC VeteranSSC VeteranSSC Veteran

Group: General Forum Members
Last Login: Wednesday, February 18, 2009 11:43 AM
Points: 296, Visits: 42
You an achieve virtually any audit requirement with native tools; make sure what your requirements are before you get the checque book out.
Post #242223
Mike-263299
Posted Tuesday, December 06, 2005 7:55 AM
Valued Member

Valued MemberValued MemberValued MemberValued MemberValued MemberValued MemberValued MemberValued Member

Group: General Forum Members
Last Login: Thursday, January 14, 2010 12:46 PM
Points: 51, Visits: 38

Joseph:  Yeah, I was very surprised at how little Lumigent did...I thought the auditing was at a much different level, but from what the sales guy said I wasn't impressed and agree that you can do it with native tools for the most part.

 

As to our goals...It's an enterprise wide issue. We have HIPPA and PCI regulations that we need to follow as well as SOX, etc.  The DB monitoring is just one piece to the puzzle.
Post #242235
Linda Johanning
Posted Tuesday, March 07, 2006 9:40 AM
Old Hand

Old HandOld HandOld HandOld HandOld HandOld HandOld HandOld Hand

Group: General Forum Members
Last Login: Monday, May 13, 2013 11:26 AM
Points: 330, Visits: 510
We're also looking for an auditing application because running Profiler adds too much overhead.  I found Apex SQL Audit and have downloaded it, but haven't done any testing.  I also haven't tested the other two products mention although I've downloaded them.  So far, I'm not too impressed about what I've read on various products.  Have you checked out DBGhost?  Has anyone found a 3rd party product that they would recommend?


Post #263900
Joseph Mulhall
Posted Thursday, March 09, 2006 8:46 AM
SSC Veteran

SSC VeteranSSC VeteranSSC VeteranSSC VeteranSSC VeteranSSC VeteranSSC VeteranSSC Veteran

Group: General Forum Members
Last Login: Wednesday, February 18, 2009 11:43 AM
Points: 296, Visits: 42
You've read the thread; so what are your auditing and security requirements?

If you think there's a piece of software that has the solution, you've failed to understand the problem.
Post #264544
« Prev Topic | Next Topic »

Add to briefcase
20 posts, Page 1 of 2
12»»

Permissions Expand / Collapse

 
 
Copyright © 2002-2013 Simple Talk Publishing. All Rights Reserved. Privacy Policy. Terms of Use. Report Abuse.