Policy Management

The courses in this category help to create, install, and tune Guardium policies. It also includes policy strategy recommended policy design practices, and advanced policy techniques.

Policy Management Courses:

Guardium 10.6 improved policy builder

Starting with version 10.6, Guardium has a new policy builder. This builder incorporates many of the 10.x design features, including a format that presents configuration options as sections, and an intuitive, step-by-step guide to create and configure the policy.

Franklin Almonte

Create a Guardium policy from file activity discovery and classification results

Guardium File Activity Monitoring provides tools to discover, classify, and build policies for files. In this lab, you use the Quick Search GUI window to find files that contain sensitive information, select a set of these files, and create a policy that monitors attempts to access these files.

This lab is useful for Guardium users and administrators who need to monitor access to files that contain sensitive information. The lab is based on Guardium version 10.5.

Creating a Guardium policy that ignores trusted user session database activity

Guardium Data Security policies help flag suspicious database activity. When you configure policy rules to ignore trusted database activity, you can reduce the load on the network and Guardium managed units. In this  lab, you create a policy with rules to discard trusted activity and flag untrusted activity.

The lab environment reflects Guardium 10.5.

Guardium session-level policy

Starting with version 10.6, IBM Guardium features special policies that work at the session level. These policies are installed and processed before standard data-security policies, and respond to information that is available at the beginning of a database session. This feature allows quicker processing and response. In this lab, you create and test a session-level policy. 

Franklin Almonte

Using Guardium to quarantine database access

IBM Guardium provides powerful functions you can use to monitor and control database access. Guardium can terminate sessions performing suspicious database access commands and even quarantine suspicious users. In this lab, you explore the session termination and quarantine functionality.

The lab environment reflects Guardium 10.5.

Create Guardium policy to log file activity

Using IBM Guardium, you can create policies to monitor access to unstructured data, such as that found in files, as well as structured data, such as that found in databases. In this lab, you learn how to create and install policies to monitor files. Then you modify the FAM policy and add a rule that prevents a group of users from copying a file.

Guardium policy: Using the Continue to next rule functionality

Guardium policies often have multiple rules. By default, after a rule is triggered, processing stops. If you do not want to stop processing after the first rule triggers, you must configure your policy to continue to the next rule. In this lab, you configure and test a policy to examine the continuation functionality.

The lab environment reflects Guardium 10.5.

Louis Fuka

Detect database login failures with Guardium

Guardium data security policies help flag suspicious database activity and events. In this virtual lab, you create a policy that will detect and alert on database login failures that occur multiple times over a short time period.

Franklin Almonte