Guardium Latest Courses:
Guardium 10.x includes functionality you can use to monitor file activity. In this course, you view the discovery and classification capabilities of the file activity monitoring (FAM) tools and learn how to set up a blocking rule to prevent someone from deleting files in a directory and logs the attempt. You also learn how to create and install policies to monitor files.
Regular upkeep of your data security environment is required to keep the system aligned with the ever-changing IT environment, including new data servers, new uses of sensitive data, new users, and new applications. Organizations that use IBM Guardium for data security and compliance can take advantage of a rich set of APIs to automate processes and maintain the system in a more efficient manner.
In this course, you learn how Guardium APIs can speed deployment and automate repetitive tasks such as creating a datasource, updating users, and modifying groups.
The lab environment reflects Guardium 10.5.
The Guardium 11 Vulnerability Assessment (VA) has many new features,
including test exceptions, test detail exceptions, security assessment
using datasource group, CyberArk integration, DataStax Cassandra, as well as support for the new
release of MongoDB 4.0, PostgreSQLv11 and Oracle 18c CVE tests.
Using IBM Guardium, you can create policies to monitor access to unstructured data, such as that found in files, as well as structured data, such as that found in databases. In this lab, you learn how to create and install policies to monitor files. Then you modify the FAM policy and add a rule that prevents a group of users from copying a file.
Guardium contains a powerful tool that links related reports. Users can click report entries and view a list of other reports that provide more granular information related to the entry. In this lab, you create a drill-down report to extend the capabilities of existing reports. Then, you test your new report.
This lab environment reflects Guardium 10.5.Franklin Almonte
Starting with version 10.6, Guardium has a new query and report builder. This builder incorporates many of the 10.x design features, including a format that presents configuration options as sections, as well as an intuitive, step-by-step guide to create and configure the query. The report is automatically generated from the query. If the query is modified, the report is automatically regenerated when the query is saved.
In the lab exercises, you create a query and report that shows SQL commands. Then you generate data to test the report and view the results.
File activity monitoring (FAM) includes two major components. The first component discovers and classifies files stored in the file system, and the second component is the activity monitor. It extracts the security policy from the appliance and enforces it on file activity in real time.
In this lab, you view the settings necessary to perform file access monitoring, create a dashboard and add a file entitlement report, and then perform some file operations to view how the FAM functionality reacts to changes.
Franklin Almonte, Guardium 10.5
The Guardium Vulnerability Assessment application enables organizations to identify and address database vulnerabilities in a consistent and automated fashion. The assessment process in Guardium evaluates and recommends actions to improve the health of your database environment. In this lab, you learn how to configure and run a database vulnerability assessment.
This lab environment reflects Guardium 10.5.
Guardium S-TAP is a lightweight software agent installed on database servers. S-TAP agents collect the data that are used by traffic reports, alerts, and visualizations. S-TAP agents also enact certain policy rules.
In this lab, you install the S-TAP agent on a database server using the Guardium Installation Manager (GIM) and Guardium GUI.