Please share with the community what you think needs improvement with IDERA SQL Compliance Manager.
What are its weaknesses? What would you like to see changed in a future version?
We are not on the latest version yet so I'm not sure if that version is a lot better in terms of grooming/archiving.
The set up is kind of clunky, in my opinion. It's not really intuitive. If they had either a smoother install or better instructions, that would be nice.
There is an agent that collects the data on SQL Server. Sometimes it will stop collecting. I'm not exactly sure what's happening but I have to go in and manually restart the agent. It would be nice if the central collection server could send a request to the agent to restart. "Oh, you haven't collected data for a week or two, go ahead and restart." Whenever we restart the agent, it starts collecting data again. I have my own script. It checks the data collection to see how old it is. If it's over two days stale then I restart the agent. It would be nice if the tool itself could do that.
What would really be nice is if it were a bit more flexible, in several ways. The assistant for creating rules is nice, as it looks like Microsoft Outlook, but it's not flexible enough. What would really a good thing is if you could refer to an external list or table for filtering on, say, certain applications, IP addresses, or host names; or perhaps even combinations of host name and application name. Because in our environment, we're suffering from the fact that we have a huge amount of login events. A really huge amount of login events. We have gigabytes of login and logout from the same application; sometimes, several thousand times within one second. These are very badly coded applications for sure, but we have a lot of that. We didn't code them ourselves. It's bought software. We need filter rules for certain combinations as I mentioned above. These rules have to be maintained and have to be audited by the people that take care of the applications that cause the login events. It's difficult for us because we don't want to give them access to Compliance Manager. What would very much easier for us is to give them some kind of self-service to take care of a list of a combination of host, account, and application name, because only they know whether this combination is valid or not. They know how their application service is named and what services they're using. They have to maintain this list. It would be much easier if there was a table that we would maintain, or they would maintain via self-service, and we could use this table to establish these filter rules. At the moment, we have to check all the rules after this table is maintained by our colleagues who maintain or run the applications. After that, I wrote a stored procedure that creates, depending on the table, new rules in Compliance Manager, but that's a workaround. It's not a really nice solution, so it would be much better if Compliance Manager would have functionality like that built in. That's one thing. Another nice feature would be concerning GDPR: some kind of base-lining of database access or some kind of inventory for tables or certain columns or types of columns. IDERA already has several other tools, free tools, to search for certain criteria of columns holding things like credit card numbers, for example. It would be nice if that would be a feature within Compliance Manager, as it's very a very similar thing, it goes hand in hand.