Policy Management

The courses in this category help to create, install, and tune Guardium policies. It also includes policy strategy recommended policy design practices, and advanced policy techniques.

Policy Management Courses:

Guardium 10.6 improved policy builder

Starting with version 10.6, Guardium has a new policy builder. This builder incorporates many of the 10.x design features, including a format that presents configuration options as sections, and an intuitive, step-by-step guide to create and configure the policy.

Franklin Almonte

Create, install, and update a Guardium policy

A policy is a key component of your data security strategy. To keep your data secure, you must implement rules that monitor, log, and control data.  In this course, you learn how to create, install, and modify IBM Security Guardium policies and policy rules that control data access.

This video is based on Guardium 11.2.


  • Create, install, and test a Guardium policy
  • Modify a Guardium policy and policy rule
  • Add rules to a Guardium policy
  • Test a reinstalled Guardium policy

Policy Rules tagging

With this feature, new compliance regulations may be supported by adding tags to existing out-of-the box Policy rules, where possible. This enables Guardium to support new regulations more quickly.  

Guardium policy strategy and techniques

Polices are a core component of the Guardium Solution. Policies are sets of rules and actions applied in real time to the database traffic observed by a Guardium system. Policies define which traffic is ignored or logged, which activities require more granular logging, and which activities should trigger an alert or block access to the database.  Therefore, it is critical to develop strategies and techniques associated with polices to maintain a healthy Guardium ecosystem while meeting business requirements. This course consolidates every Guardium policy course on the Security Learning Academy, which provides you with practical knowledge and hands-on experiences to help you develop effective and efficient Guardium polices in your environment. 

In this course, you learn about creating, installing, and tuning Guardium polices through various related videos and labs. In addition, you learn about policy strategy, recommended practices when designing your polices, and advanced policy techniques.

Getting started with Guardium policy actions

Policy actions are key components of Guardium polices and are critical to policy strategy and tuning. This interactive video introduces you to common blocking actions, alerting actions, and logging actions. It also includes general tips about using policy rule actions.

Franklin Almonte

Guardium policy stacking

Organizations have many goals for monitoring data servers. These goals require many rules, some of which  apply to a broad set of data servers, and some of which might apply to only one or a few data servers.

In this video, you learn how to organize these rules into a series of policies to optimize maintainability.

Using the Flat Log Policy

Peak database traffic periods can overload monitoring solutions. The Guardium flat log policy provides a way to defer analysis and logging of traffic to off-peak periods. In this video series, you learn about the flat log policy and how it can help you avoid resource overload.

Guardium Access, Exception, and Extrusion Policy Rules

IBM Guardium policy rules fall into three categories:

  • Access rules
  • Extrusion rules
  • Exception rules

In this video series, you  learn about the three types of rules , what criteria and actions are associated with each type, and some of the uses for each type of rule.

IBM Guardium S-GATE Policy

With Guardium, you can set up rules that automatically terminate database sessions when Guardium detects improper data access, limiting the damage from hostile attacks on your database.

In this videos, you learn how to configure the S-TAP agent and create policy rules to take advantage of S-GATE functionality.

Guardium Selective and Non-Selective Audit Policy

Guardium policies are powerful resources to monitor your data environment. However, due to the large amount of data activity in a database production environment, you must configure your policy carefully to filter out innocent traffic.

In this course, you learn the differences between selective and non-selective audit policies.

File Activity Monitoring using Guardium

Guardium 10.x includes functionality you can use to monitor file activity. In this course, you view the discovery and classification capabilities of the file activity monitoring (FAM) tools and learn how to set up a blocking rule to prevent someone from deleting files in a directory and logs the attempt. You also learn how to create and install policies to monitor files.

Getting started with Guardium alerts

It is easy to use the predefined alerts in Guardium. In this course, you to learn about the different Guardium alert types and how to use them to monitor your Guardium ecosystem.

How to check the Guardium policy for actions that fill the database

In this video, you see how to check the Guardium policy for actions that can fill the database.  This is an important step in preventing database full issues.