The Security and Compliance package

The Security and Compliance package provides a detailed evaluation of your Microsoft SQL Server’s security and compliance, managed via dbWatch Control Center. It offers in-depth insights into your server’s security and compliance state, covering system configuration, adherence to industry norms, and potential vulnerabilities. The results include identified risk areas and practical recommendations to enhance security and ensure regulatory compliance. The aim is to equip you with the necessary information and tools for effective decision-making, risk mitigation, and proactive protection of your SQL Server environment.

Package contents

The Security and Compliance package includes the following:

Security and Compliance Assessment Report
Security and Compliance dashboards
38 new monitoring jobs that detect and alert on security and compliance-related issues
2 Monitoring templates

The Security and Compliance report

This report, comprised of five chapters, offers a comprehensive analysis of your Microsoft SQL Server’s security and compliance status, as managed by the dbWatch Control Center. It aggregates data from all 40 “Security and Compliance” jobs (or those installed) and is tailored to be run against a specific instance.

Overview

This document acts as a thorough evaluation of your SQL Server environment’s security and compliance framework, facilitated through dbWatch Control Center. It provides a detailed examination of your deployment’s security state and compliance level. Our review covers a full inspection of your system’s setup, conformity with established industry protocols, and identification of any vulnerabilities that could threaten your data security. The findings of our analysis are clearly presented, pinpointing critical areas and offering practical advice for enhancing your security measures and meeting regulatory standards. Our objective is to equip you with essential insights and tools that enable well-informed decisions, reduce risk factors, and actively safeguard your SQL Server environment.

Compliance summary

This chapter provides details on configuration discrepancies identified through the ‘Security and Compliance’
module, which has been installed and configured within the MS SQL Server instance. This exploration empowers IT
professionals to navigate the complexities of security and compliance, facilitating a deeper comprehension of the
system’s integrity. Armed with this knowledge, users can proactively address and rectify any identified issues,
ensuring a resilient and compliant IT environment

Compliance status

This chapter provides a comprehensive overview of the ‘Security and Compliance’ jobs that have been installed and
executed on the MS SQL Server instance. It offers detailed insights into the compliance status for various categories
of non-compliance issues detected within your SQL Server environment. In the following sections, we break down
these categories and analyze their respective compliance standings. In the following sections the “Status” column
indicates the job status. The return status value for a job (if it is non-compliant) can be “OK”, “WARNING” or
“ALARM”. There can be several parameters that affect the status. It is crucial to note that setting those parameters
to “OK” implies that the job will consistently report an “OK” status, even when non-compliant. Therefore there is an
additional column, “Non Comp.” which indicates job status regardless of the configuration settings.

Job configuration

This chapter provides details on jobs responsible for gathering Security and Compliance statistics. Certain jobs have
the capability to modify (enable/disable/enforce) instance or database settings based on configured parameters.

Auto change

This table presents the enable/disable/enforce functionality settings for some Security and Compliance jobs. When
configured, the job has the capability to automatically modify instance or database configurations to ensure
compliance. For jobs where automatic configuration changes are not feasible, both parameter names and values
remain empty.

Appendix

This chapter serves as a comprehensive reference, offering descriptions of all Security and Compliance jobs within
the system. Each job’s purpose, functionality, and specific actions are outlined, providing users with an
understanding of the roles these jobs play in maintaining security and compliance standards.

Here is a sample report from the Security and Compliance package.

Dashboards / Farm views

The dashboard provides a comprehensive overview of where the ‘Security and Compliance’ module is installed. It details the number and types of ‘errors’ relative to ‘Microsoft best practices’ and more. In summary, it features:
The number of instances where the module is installed.
The total count of unique ‘errors’.
Details of ‘errors’ and how many instances are affected by each. The number of ‘errors’ per instance.

On each database instance, you can then drill down to a specific job to investigate what issues are present.

Monitoring

In the monitoring interface, you can see the overall status for the database instance, as well as all the monitoring jobs installed, their status, scheduled time, and short details. Each of these will have a built-in report for that particular metric.

There is a job (Security and Compliance framework) that is exclusively used for aggregating and analyzing data from the remaining jobs. Among other functions, it can alert you to any changes in the ‘errors’ occurring within the instance.

A report (right-click on the job and select report) for this job has details on that status for all the Security and Compliance jobs for that instance and its status will typically look like this:

It also keeps track of changes in compliance warning over time, so you can see if your hard work improves the security of your database instance.

Templates

There are two templates that simplify the installation of the “Security and Compliance” module. One of them configures all jobs so that they don’t trigger alerts. Even without sending alerts, their actual status remains visible in Farm-views.

← Installation of the Security and Compliance package / Automated maintenance package →

Feedback

Was this helpful?

Yes No
You indicated this topic was not helpful to you ...
Could you please leave a comment telling us why? Thank you!
Thanks for your feedback.

Post your comment on this topic.

Post Comment