QOD 10/10/2003

  • There are quite a few QODs on C2 auditing. Is it some sort of government requirement in the US? I can't see any reason why you would need to turn it on unless you are in the Army.

    I think we have a similar requrement in Europe (ITSEC) but I don't know wether they are compatible.

    Who needs this level of security anyhow? No sql logins, No OLAP, No Full text, No Mail and no distributed trans.

    Keith Henry




    Keith Henry



    According to everyone I know I "do something with computers?" for a living, so there you go.

  • Hi Keith,

    quote:


    There are quite a few QODs on C2 auditing. Is it some sort of government requirement in the US? I can't see any reason why you would need to turn it on unless you are in the Army.

    I think we have a similar requrement in Europe (ITSEC) but I don't know wether they are compatible.

    Who needs this level of security anyhow? No sql logins, No OLAP, No Full text, No Mail and no distributed trans.


    I think you are right. There are governmental requirements.

    Maybe this thread will clear thing a bit

    http://www.sqlservercentral.com/forum/link.asp?TOPIC_ID=15251

    It contains two links that explain C2 a little bit closer than BOL does

    Frank

    --
    Frank Kalis
    Microsoft SQL Server MVP
    Webmaster: http://www.insidesql.org/blogs
    My blog: http://www.insidesql.org/blogs/frankkalis/[/url]

  • Thanks.

    Keith Henry




    Keith Henry



    According to everyone I know I "do something with computers?" for a living, so there you go.

  • Tend to agree. Not sure who needs else needs it, possibly banks (financials).

    More of a pain, but it's easy to pick on for questions.

    Steve Jones

    sjones@sqlservercentral.com

    http://www.sqlservercentral.com/columnists/sjones

    The Best of SQL Server Central.com 2002 - http://www.sqlservercentral.com/bestof/

    http://www.dkranch.net

  • The IRS often requires C2 auditing of databases before sharing their tax data with state agencies. They're pretty particular about knowing who sees their data.

    Greg

  • BTW-just a minor observation...the subject line says QOD 10/10/2003. Should be 09/10/2003 (it's only September).

    -SQLBill

  • Thank you or the valuable information on c2 level auditing.

    How to read the log files. It seems to be not in human readable form.

    Is there any certified software to read these log files.

    Cheers,

    Preethiviraj Kulasingham

    Cheers,
    Prithiviraj Kulasingham

    http://preethiviraj.blogspot.com/

Viewing 7 posts - 1 through 6 (of 6 total)

You must be logged in to reply to this topic. Login to reply