Press "Enter" to skip to content

Posts published in “Guardium”

Install Guardium GIM & STAP into Linux Servers (Ubuntu and CentOS)


 This post is to record all steps to install IBM Guardium GIM and STAP into Linux server. Two linux servers with MySQL installed, Ubuntu 18.04 and CentOS 7.8 Topology Download GIM & STAP Packages for Linux Release A couple of steps: 1  Check your linux version and release [root@localhost test1]# uname -a Linux localhost.localdomain 3.10.0-1127.18.2.el7.x86_64 #1 SMP Sun Jul 26 15:27:06 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux [root@localhost test1]# cat /etc/*release CentOS Linux release 7.8.2003…

IBM Guardium Tips and Tricks


This post is a summary for my experience with IBM Guardium product. Some of them are pretty simple. I am recording those for my own reference. Find Guardium STAP Installation Folder and Exec Stap Diag Shut Down System Inspection Engine Status is Fail Changing Report Parameters Add Reports into Dashboard to Check Logged Data Change GIM Client Configuration’s Guardium IP Remove inactive GIM client connection VA Report View Issue – Disable Data Level Security Filtering…

IBM Guardium: Configure a Database Vulnerability Assessment


The IBM® InfoSphere® Guardium® Database Vulnerability Assessment (VA) module scans your database infrastructure for vulnerabilities and provides an ongoing evaluation of your security posture, using both real-time and historical data. This capability includes a comprehensive library of preconfigured tests based on industry-best practices such as the Computer Internet Security (CIS) benchmarks and the Database Security Technical Implementation Guide (STIG) created by the Department of Defense (DoD). These tests check for common vulnerabilities, such as missing…

IBM Guardium Upgrade and Patch Installation (GIM, STAP, SNIFFER, GUP, DPS, HealthCheck)


 This post is to summarize how to upgrade IBM Guardium Components and how to patch system IBM Guardium Patching/Upgrading 1   Check IBM Guardium Appliance and Agent Version 2   Download Patch / Updates from Fix centralDownload a server / agent Patch from IBM Fix Central Patches explanation: 3   Install Patch for Aggregator from CLI This method usually is for Central Manager (Aggregator). Once you logged into Web GUI, the notification icon will show a red number to notify you there…

IBM Guardium v11.2 Collector Installation Notes


Some notes saved in this post for installing an IBM Guardium collector and registering into Central manager.  Installation Setup Initial and Baisc Configuration: Load the Guardium ISO. When the system boots, you will be presented with the following screen. Choose “Standard Installation (non CM)” for the collectors Choose “Aggregator or Central Manager (CM)” for the Central Manager The installation process will take about 15 minutes. After the installation completes, login from the console as cli (password=guardium) Reset…

IBM Guardium GIM & S-TAP Installation and Upgrade

GIM - Guardium Installation Manager
Key Terms:
Agent - Collection of perl scripts run on each managed server allowing for centralized management
GIM Server - Guardium appliance used for deployment of GIM bundles and modules
Bundle - A package of software that can be deployed with GIM. File extension .gim.
Module - Components of a bundle. A .gim file containing one or more modules or sub-modules.
- such as : CAS, S-TAP, FAM, UTILS, ATAP, supervisor
Listener Mode - GIM Agent not yet associated with a GIM Server
Standard Mode - GIM Agent associated with a GIM server
Dynamic Updating - Fail-over mode

IBM Guardium Tasks List to Onboard new DB servers


I was working on IBM Guardium project to onboard some DB servers into system.
To demonstrate how much work it will be , I created this tasks list. It is a draft for my own usage. I am sharing it out through my blog post. Hopefully there are more feedback coming to get this list fulfilled.

It will only cover three main requirements, creating a new Collector, DB Vulnerability Assessment, and Data Security Policy.