SQL Sentry Security Overview

Security covers the following topics relating to SQL Sentry security, including required permissions for the various SQL Sentry components: 

Security TopicDescription
Monitoring Service SecurityThis topic discusses the permissions required by the SQL Sentry monitoring service account when watching (monitoring) instances.
Client SecurityThis topic discusses the permissions required when running the SQL Sentry client, including scenarios in which the client connects directly to a monitored target.
Portal Security
This topic provides more information about security requirements for the SQL Sentry Portal service and users.
Encryption
SQL Sentry provides multiple options for data encryption at rest and in transit. The SQL Sentry database can be encrypted using Transparent Data Encryption (TDE).

To protect data in transit, the connections between the SQL Sentry database server, SQL Sentry monitoring services, and the SQL Sentry client can be encrypted using 128-bit Transport Layer Security (TLS). See the Encrypt Network Traffic item in the Advanced Properties section of the Managing Connections article for details.

See the SQL Sentry Portal Configuration article for instructions on using the Portal Configuration Utility to encrypt network traffic for SQL Sentry Portal and apply an SSL certificate.
Watching Targets Across DomainsThis topic is a brief overview of the options available for Watching (monitoring) targets across domains, including information about Pass-through Authentication and configuring SQL Sentry sites within your environment.
Non-Windows EnvironmentThis topic discusses the options for Watching (monitoring) instances in a non-Windows environment, including Pass-through Authentication.
SQL Sentry Performance AnalysisThis topic discusses advanced information about the Performance Analysis security requirements, including port requirements for monitored targets.
Azure SQL Database and Data WarehouseThis topic covers security aspects specific to Azure SQL Database and SQL Data Warehouse.
Rights Based SecurityThis topic discusses restricting user access within the SQL Sentry client based on Windows and SQL Server authentication accounts.
Role Based SecurityThis topic discusses restricting user access within the SQL Sentry client based on SQL Sentry database roles.

Additional Information: For more information about SQL Sentry security, see this Hardening SentryOne for Security blog post.