www.datasunrise.com DataSunrise Database Security Suite 4.0.4 Release Notes
Contents DataSunrise Database Security Suite 4.0.4... 3 New features...3 Known limitations... 3 Version history... 5 DataSunrise 4.0.3 features...5 DataSunrise 4.0.2 features...5 DataSunrise 4.0.1 features...5 DataSunrise 3.7.9 features...5 DataSunrise 3.7.8 features...5 DataSunrise 3.7.7 features...5 DataSunrise 3.7.6 features...6 DataSunrise 3.7.5 features...6 DataSunrise 3.7.4 features...6 DataSunrise 3.7.3 Features...6 DataSunrise 3.7.2 Features...6 DataSunrise 3.7.1 Features...7 DataSunrise 3.7.0 Features...7 DataSunrise 3.6.1 Features...7 DataSunrise 3.6.0 Features...7 DataSunrise 3.5.2 Features...7 DataSunrise 3.5.1 Features...8 DataSunrise 3.5 Features... 8 DataSunrise 3.4 Features... 8 DataSunrise 3.3 Features... 8 DataSunrise 3.2 Features... 8 DataSunrise 3.1 Features... 9 DataSunrise 3.0 Features... 9 DataSunrise 2.1.1 Features...9 DataSunrise 2.1.0 Features... 10 DataSunrise 2.0.9 Features... 10 DataSunrise 2.0.8 Features... 10 DataSunrise 2.0.7 Features... 10 DataSunrise 2.0.6 Features... 10
DataSunrise Database Security Suite 4.0.4 DataSunrise Database Security Suite 4.0.4 3 This document contains important information about new features and known limitations of DataSunrise Database Security Suite 4.0.4 It also contains information about previous versions of DataSunrise. New features DataSunrise Database Security Suite 4.0.4 includes the following features and enhancements: 1. Integration with CyberArk AMI 2. Periodic tasks (Health check, Data Discovery, Metadata update) 3. Customizable LDAP strings for Authentication Proxy 4. Sending metrics to AWS Cloud Watch 5. MARS/sniffer improvements 6. Expanded health check functionality Known limitations The following tables describe unfixed known bugs and limitations: Oracle Bug number Description 1347 Processing of connections is not supported for: Radius, Kerberos, SSL authentication methods Network data encryption and integrity (except SSL) Real application security (RAS) - Data auditing is not supported for: Oracle objects, PLSQL, XML data types Piecewise LOB operations (OCILobXXX oci functions) - Blocking and masking are not supported for: Direct export (exp with parameter direct=y) Direct path (api sqlldr utility) Startup/shutdown commands Plsql rpc IBM DB2 Bug number Description 1341 Processing of encrypted traffic when using DRDA is not supported. 1344 Processing of operations with procedures and functions written in non-sql languages (Natural languages) is not supported. 1361 SELECT FROM INSERT/UPDATE/DELETE queries are not processed and masked correctly.
DataSunrise Database Security Suite 4.0.4 4 Netezza Bug number Description 1339 Blocking and masking of COPY queries is not supported (excluding PostgreSQL 8.2+ and Greenplum) - Masking and blocking of LOAD (SELECT from external file) queries is not supported (excluding PostgreSQL 8.2+ and Greenplum) PostgreSQL Bug number Description - Masking and blocking for COPY commands for SQL below 8.1 is not supported Greenplum Bug number Description - - Microsoft SQL Server Bug number Description 1276 Most prioritized cipher suites are not supported. 1105 User-created prepared statement descriptor cannot be always intercepted. 1348 Unsupported tokens: ALTMETADATA, ALTROW, ENVCHANGE (Character set, Unicode data sorting local id, Unicode data sorting comparison flags, Enlist DTC Transaction, Defect Transaction, Real Time Log Shipping, Promote Transaction, Transaction Manager Address, Transaction ended, Sends back name of user instance started per login request, Sends routing information to client), FEATUREEXTACK, FEDAUTHINFO, SESSIONSTATE, TVP ROW. 1349 Unsupported streams: BulkLoadBCP, BulkLoadUTWT, FEDAUTH, FEDAUTHREQUIRED, NONCEOPT), SSPI Message. 1354 When blocking queries in a thread, ODBC client is not aware of output parameters following the parameters of deleted (blocked) query. MySQL Bug number Description 481 User-defined variables cannot be used to create prepared statements identifiers. 858 HandlerSocket protocol is not supported. 1170 X-Protocol is not supported. 1261 NDBAPI and communication protocol is not supported. - Masking and blocking for LOAD and UNLOAD queries is not supported. 1352 Replication protocol packets cannot be parsed (currently, they are skipped). 1159 When renaming both tables and views is performed by RENAME TABLE statement, it is not obvious what type of object actually meant on grammar level.
Version history Version history 5 This subsection contains information about previous versions of DataSunrise. DataSunrise 4.0.3 features 1. Data Masking for Mongo implemented 2. Added a possibility to create Health checkers with URLs 3. Added notifications on failed authentication attempts DataSunrise 4.0.2 features 1. Improved log messages 2. Added possibility to disable update of masked columns DataSunrise 4.0.1 features 1. Added License manager 2. Implemented a tree for Admin Queries 3. Added Rules for Sessions DataSunrise 3.7.9 features 1. Implemented notifications on exceedance of permissible memory size. 2. Added check on adding of recursive groups and users. 3. Improved Dictionary/auditing for MySQL. 4. Implemented Static Masking feature for SAP Hana. DataSunrise 3.7.8 features 1. Implemented MongoDB support. 2. New web UI (optional). 3. Improved Static Masking. DataSunrise 3.7.7 features 1. Identification of client application users. 2. Improved processing of PostgreSQL traffic. 3. Speeded up auditing. 4. Now you can get a list of database users of a target database (except DB2 and Hive) via the web UI.
Version history 6 5. Added a possibility to import client keys and certificates. 6. Improved notifications and reports on multiple instances and groups. DataSunrise 3.7.6 features 1. Added traffic filtering by client application users and app user groups. Captured application users are displayed in event details. 2. Added options to Static Masking settings to configure creation of target tables and related objects. 3. Improvements in traffic filtering system (Rules). 4. Fixed processing of MySQL traffic with compression enabled. 5. Sending SNMP messages and alerts to report on DataSunrise's own health check (like memory usage, throughput etc.) and "infrastructure health" (like failed connections and login attempts, errors with scheduled tasks etc.). DataSunrise 3.7.5 features 1. Authentication proxy for MySQL. Added User mapping options to the GUI. 2. Added possibility to edit Email messages (Email templates). 3. Added possibility to send messages about DataSunrise status via SNMP traps. 4. Possibility to allocate separate audit and Message Handler threads for specific proxies. DataSunrise 3.7.4 features 1. Added possibility to pass parameters to a custom function during dynamic masking. 2. Sensitive Operations report type deleted from the Report Type drop-down list of the RepGen and moved to the Audit report settings (Table Name and Schema name columns should be checked for reporting on Sensitive operations). 3. Fixed some Taradata and Hive related problems. 4. Other minor changes and enhancements. DataSunrise 3.7.3 Features 1. Added a server name in reports when DataSunrise is configured in High-Availability mode. 2. Changes in UI for settings of an SNMP server. DataSunrise 3.7.2 Features 1. Fixed bugs occurred when storing the Dictionary in an MySQL database. 2. Fixed restoring from backup when using a PostgreSQL database to store the Dictionary. 3. Optimized audit-related memory consumption. 4. Added Multiple services (on a single host) feature. 5. Added basic support of Vertica database. 6. Added Data Discovery report type to Report Generator.
Version history 7 7. Added Retry button for Static masking. 8. Improved reports. 9. Unique IDs and row IDs for Report Generator reports. DataSunrise 3.7.1 Features 1. "Regular expression" type filtering added to Session filtering settings 2. Added new type of report for Sensitive data search (Sensitive operations report) 3. Other enhancements and bug fixes. DataSunrise 3.7.0 Features 1. Implemented multi-level configuring of traffic filtering (Filter session for rules) 2. Added exclude feature for Data Discovery 3. Added backup and recovery feature 4. Automatic creation of DS users for AD users 5. Repgen extended 6. Granularity for Syslog and Events. DataSunrise 3.6.1 Features 1. New parameters for Query based and Admin queries filters 2. Added filtering by object types and objects for reports 3. New parameters for user roles 4. Active directory authorization 5. Implemented exporting of reports through Syslog in.cef format. DataSunrise 3.6.0 Features 1. Implemented role-based access management for the web UI. 2. Implemented multi-server configuration (Failover) 3. Implemented advanced reporting. DataSunrise 3.5.2 Features 1. Implemented filtering of events by data. 2. Fixed a problem which occurs when connecting to MySQL 5.0 and 5.1 3. Improved support of Windows Authentication for SQL Server. 4. Implemented processing of rules with consideration of the number of affected rows.
Version history 8 DataSunrise 3.5.1 Features 1. Implemented Static Masking functionality for Postgres, MySQL, MS SQL Server and Oracle Database. 2. Improved proxy stability. 3. Improved MS SQL grammar parsing. DataSunrise 3.5 Features 1. Added Data Discovery functionality. 2. Now DataSunrise uses MySQL Connector/C by default instead of MySQL ODBC. 3. Added Hive support. 4. Many improvements in MySQL and MS SQL grammar 5. Improved Windows Authentication, Kerberos and NTLM authentication mechanisms for SQL Server DataSunrise 3.4 Features 1. Added compressed traffic support for MySQL. 2. MS SQL proxy fixed. 3. Increased UI response speed. DataSunrise 3.3 Features 1. Program performance increased. 2. Proxy stability increased. 3. Improved Greenplum grammar parsing. 4. Other minor enhancements. DataSunrise 3.2 Features 1. Improved DataSunrise proxy stability when operating under heavy workload. 2. Optimized audit data saving process to SQLite database (default Audit Storage). 3. Reduced memory consumption when parsing Oracle database traffic. 4. Fixed metadata downloading mechanisms for Netezza 6. 5. Improved SMSS support for MS SQL 2014 and 2016. 6. Fixed memory leaks for MS SQL parser. 7. JTDS 1.3.1 driver support added for MS SQL. 8. Fixed displaying inbound bindings in GUI. 9. Grammar corrections (SQL queries parsing) for PostgreSQL. 10.Fixed behaviour issues associated with parsing SQL protocol with native drivers on Pythin and Java Script. 11.Other minor enhancements.
Version history 9 DataSunrise 3.1 Features 1. Microsoft SQL Server protocol parser improved. 2. MS SQL Server query parser improved. DataSunrise 3.0 Features 1. Microsoft SQL Server support added. 2. Certificate settings added to database settings in GUI. 3. Minor enhancements in GUI. 4. Added support of Oracle Network Encryption and Data Integrity technologies. 5. All Oracle-supported encryption and checksum algorithms supported. 6. Data masking support for JDBC3 driver version 9.2. 7. Column names parsing for DB2. 8. Added some DDL statements to DB2 grammar. 9. PRC support through OLEDB driver for SQL Server. 10.Added transactions processing for SQL Server. 11.SQL Manager for SQL Server supported. 12.Error tolerance increased. 13.Improved auditing mechanisms for SQL Server. 14.Improved masking mechanisms for SQl Server. 15.More SQL Server data types supported. 16.Multi statements blocking fixed. 17.MySQL grammar fixes. 18.MySQL proxy mecnahisms fixed. 19.MySQL auditing fixed. 20.Other fixes and enhancements. DataSunrise 2.1.1 Features 1. Added masking and query blocking for COPY TO STD for PostgreSQL 8.2+ and Greenplum. 2. Fixed SSL connections for MySQL and PostgreSQL. 3. Corrected MySQL and PostgreSQL auditing mistakes. 4. Added support of SSL certificates for each proxy. 5. MySQL grammar fixes. 6. Added auditing for Amazon Redshift and Aurora. 7. Enhanced auditing, query blocking and masking mechanisms for DB2. 8. Fixed DB2 metadata processing errors. 9. Other fixes and enhancements.
Version history 10 DataSunrise 2.1.0 Features 1. Added support of the following databases: Amazon Aurora, Amazon Redshift, IBM DB2, MariaDB. 2. Improved problem detection mechanisms. 3. A lot of minor improvements. DataSunrise 2.0.9 Features 1. Improved DB objects explorer which is used to configure Rules. 2. Added Initial configuration wizard. 3. Added Command line interface. 4. Corrected typos and fixed some bugs in GUI. 5. Renamed Filters: "Object Based" to "Object Group", "Custom SQL Statements" to "Query Group" and "DDL Statements" to "Admin Queries". 6. Corrected errors in Oracle protocol parser related to various charsets. 7. Implemented parsing of MySQL and DB2 (test version). DataSunrise 2.0.8 Features 1. Increased data auditing speed for PostgreSQL and MySQL databases. 2. Added a possibility to pass Data Audit information to SYSLOG. 3. Added possibility of DataSunrise integration with SIEM systems through SYSLOG. 4. Implemented processing of DDL statements inside transactions for PostgreSQL. 5. Greenplum Database support added. 6. DataSunrise executable files size is decreased. 7. Added timetable settings for Rules. 8. Corrected typos in the web interface. Removed some obsolete elements. 9. Added additional firewall state indicators (Performance graphs). 10.Added an ability to process traffic generated by Oracle databases running on Solaris and IX operating systems. DataSunrise 2.0.7 Features 1. More DataMasking options. 2. Netezza support added. 3. The firewall settings can be applied and/or updated without core reboot. 4. Database encryption implemented (dictionary.db and audit.db files). DataSunrise 2.0.6 Features 1. Implemented DataMasking for all cases of NATURAL JOIN statement usage.
Version history 11 2. Encrypted traffic processing for PostgreSQL. 3. Increased firewall's operating speed in proxy mode. 4. Function-based and table-based rules were combined into Object-based category of rules. 5. Added a possibility to select several groups of objects while creating a rule.