IDERA SQL Compliance Manager Review
Tracks logins and stores the information centrally where we can lock it down


What is our primary use case?

We use it for auditing requirements. We also use it to identify activities, see what is going on, who is connecting.

How has it helped my organization?

The tool can track logins and login failures. I made my own alert so that if there is a certain number of login failures for a server, it emails me. That is really useful. If I want logins to automatically lock out after a certain number of failed attempts, I can know when that happens. It's a good security feature but it also helps because sometimes users are setting up their report or their service and they lock out their account but they don't tell anyone. I can easily see that.

It's really useful because, with over 100 servers, it's difficult to check that many. It's nice to have Idera where it clicks everything into central Repository, a central server, and you can just query that.

The big requirement of our audit is to track logins and SQL Compliance Manager centralizes it, puts it in a spot where we can "protect" the logs. It's not like logs on the server that could be wiped out. It's collected centrally and we can lock that down.

What is most valuable?

The ability to track activity including the SQL statements is definitely valuable. I really like how the database is laid out. It's straightforward. I can query the back-end tables. I've made a few of my own email alerts based on the data and the tables. It's accessible. That's very important.

Also, one of the things that comes with SQL Server is SQL Server Profiler. We use IDERA SQL Compliance Manager in that same manner to trace activity, and it does a good job of storing. Profiler is okay but it doesn't really store it in one shot like Idera does.

We've used the before and after, mainly because we are interested to see what an app is doing. Sometimes we have an app and we don't understand its behavior. We use the before and after data to see "Okay, this is what it is doing, this is what it is changing things to."

What needs improvement?

There is an agent that collects the data on SQL Server. Sometimes it will stop collecting. I'm not exactly sure what's happening but I have to go in and manually restart the agent. It would be nice if the central collection server could send a request to the agent to restart. "Oh, you haven't collected data for a week or two, go ahead and restart." Whenever we restart the agent, it starts collecting data again. I have my own script. It checks the data collection to see how old it is. If it's over two days stale then I restart the agent. It would be nice if the tool itself could do that.

For how long have I used the solution?

More than five years.

What do I think about the stability of the solution?

There haven't been many stability issues. A couple of versions back, it would crash on the install. I would add an agent, go the central Repository, add the new server in, and it would crash just after the checks. I haven't seen that recently but I also haven't done many installs lately. I'm not sure if it's still an issue but I think it has gotten better.

What do I think about the scalability of the solution?

I haven't had any huge scalability issues but I do have a lot of servers monitored and it does tend to get a bit sluggish.

It's in the documentation that you can't let your database go over 20GB. Once it does that, you can't archive it. I have run into that. You have to make sure you don't get too big and then it's fine.

How is customer service and technical support?

Tech support has been okay. I ran into an issue earlier this year where my collection had stopped for a week. I had a backlog of way too many events. I contacted tech support and they gave me the typical, "Have you tried this?" and I did that. But I just ended up uninstalling and reinstalling. It was just easier. Typically, they are okay, but I haven't used them too much.

Which solutions did we use previously?

We weren't using anything before.

How was the initial setup?

For the most part, the initial setup is pretty good. You install, it works. It's pretty straightforward. I have a firewall-type issue that makes it complicated but if you don't have any firewall issues, it's straightforward. 

Setup was one of the reasons I picked the tool. We compared other tools when we were looking at something to buy. Idera just installed, it worked. If you're just doing the general, standard type of stuff, it works. It's good.

What was our ROI?

It saves me from having to manually do scripts. But a hard ROI number, I would have to think about that.

What's my experience with pricing, setup cost, and licensing?

The pricing is pretty good.

In terms of licensing I have more of a wishlist. If they had cheaper licensing for development, or free licensing for development, that would be cool.

Which other solutions did I evaluate?

We evaluated a McAfee product but I don't remember the name of it.

What other advice do I have?

You should look at your use cases, the type of stuff it collects. In terms of cons, you really need to make sure you trim your data, your archive. Otherwise, depending on your activity, your database can get huge, unusable.

I give this solution a nine out of 10. It's not a 10 because I have to babysit the agents. They stop collecting and I have to manually restart them.

Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.

Add a Comment

Guest
Why do you like it?

Sign Up with Email