Deployment & Administration

This category includes courses that help to deploy and administer Guardium.

Deployment & Administration Courses:

Out-of-the-box views to ensure your Guardium system health

Information on several views that come "out-of-the-box" which can be utilized in analyzing and improving your Guardium system's health.

Using the Query Builder to Troubleshoot Effectively

This course contains an Open Mic replay describing using the query builder to troubleshoot Guardium issues effectively.

Guardium File Activity Monitor common issues and solutions

This Open Mic addresses the Guardium File Activity Monitor (FAM), and common issues users face during configuration.

Originally presented 25 May 2017

Understanding Guardium Correlation Alerts

Correlation alerts in Guardium are query based, as opposed to real-time policy alerts. There are various considerations for configuration of correlation alerts. There are also some overhead cost to be considered. This Open Mic is a discussion of correlation alerts in IBM Security Guardium, including an example of setting up a Repeating Inactive S-Tap alert.

Detecting Guardium database login failures demonstration

This course demonstrates the hands-on lab available in the course Detect database login failures with Guardium.  The demonstration covers creating a policy that will detect and alert on database login failures that occur multiple times over a short time period,

Enterprise Load Balancing

This Open Mic presented by David Plummer of Guardium Tech Support provides an overview to Guardium load balancing, including:

  • Prerequisites
  • How it works
  • grdapi commands
  • Activity report
  • Other related information and general overview

Troubleshooting S-TAP 'no traffic' issues

This Open Mic discusses how to troubleshoot situations where the S-TAP shows 'no traffic', including various steps you can take on your system to understand the reason for the issue or at least the scope of the issue, and what to do if all else fails.

Originally presented 18 July, 2017

Guardium auto create inspection engines

In this video, Guardium expert Glenn Weidner demonstrates enhancements to Guardium 11.2 auto create inspection engines, including scheduler user interface, rules results report, report only mode, and alerts.

Upgrading to Guardium 11

In this video, Vlad Langman, L3 Engineering Manager, discusses best practices for upgrading to Guardium 11.

Troubleshooting Guardium S-TAP Severity 1 issues

In this course, targeted for Guardium administrators, you'll learn about Severity 1 problems when the Database or Database Server might be effected, and be provided key troubleshooting recommendations and information to gather if necessary.

Guardium Full Appliance Issues - Detection, Root Cause, and Remediation

The information in this Open Mic will help keep you out of trouble and possibly rescue you in the case of full appliance issues.


  • Introduction
  • Detection
  • First Response
  • Getting to Root Cause
  • Questions & Answers

In the follow-up to the Open Mic, John spends time answering audience questions on that and other topics.

  • Reboot the appliance
  • Issues with fixes
  • Vulnerabilities
  • The Discovery engine
  • High CPU

Outlier Detection: IBM Security Guardium

In this Open Mic, you learn about how Outlier Detection works. You also learn about the Learning and Analysis phases, how to configure Outlier Detection, and how to interpret the Outlier results. 

Guardium v10 Enterprise Load Balancing

Load balancing automatically allocates managed units to S-TAP agents when new S-TAPs are installed and during fail-over when a managed unit is unavailable. The load balancing application also dynamically re-balances loaded or busy managed units by relocating S-TAP agents to less-loaded managed units.  These topics are discussed in this Open Mic.

Guardium disk and database health analyzer

New in IBM Guardium 10.6, alerts are sent when the system predicts that a DB size or files on disk (/var) will reach 50% in the next 14 days. Alerts detail the predicted size and the largest tables or files. Alerts are also shown in the deployment health dashboard of the central manager.  In this course, you will see a quick overview of this feature and then a deeper dive into the function and its architecture.

Working with Guardium Certificates

This Open Mic covered different aspects of IBM Guardium certificates, including the prerequisite for installing certificates, how to create request certificates, converting certificates in the format that Guardium supports, and the hierarchy of certificates.

Guardium appliance patching

In this Open Mic video, Avi Walerius from Guardium Technical Support discusses different aspects of appliance patches: differences between patch types, advice on the health check patch, and best practices for installing GPU patches.

Tips and tricks to keep Windows S-TAP healthy

In this video, you will learn some tips and tricks for keeping your Windows S-TAP up and running with fewer issues.  You will investigate the following parameters and settings:

  • USE_TLS=1

Guardium Installation Manager (GIM) Usage and Deployment Methods - Part 2

The Guardium Installation Manager (GIM) allows you to install, upgrade, and manage agents on individual servers or groups of servers.  In this course, you will learn about GIM deployment and usage, and includes GIM reports, registration and authentication, and troubleshooting.  This is Part 2 of a two-part series.

Guardium Installation Manager (GIM) Agent Installation - Part 1

The Guardium Installation Manager (GIM) allows you to install, upgrade, and manage agents on individual servers or groups of servers.  In this course, you will learn about GIM Agent installation planning, installation steps and validation, and installation troubleshooting.  This is Part 1 of a two-part series.

Guardium User Management

During this Open Mic session, Carolina Leme from Guardium Level 2 support discusses user management and roles and responsibilities.  The bookmarks in the video will take you to the following topics:

  • Administrator responsibilities
  • Root user
  • GUI users
  • CLI access
  • Roles and permissions

Open Mic: How to Build Custom KTAP Linux STAP

This IBM Guardium Open Mic discusses the following topics:

  • How to tell if KTAP will install directly on a kernel version? (i.e how to use ktaposmatch)
  • Options to build KTAP for unlisted kernel versions (flex_loading, and custom ktap build), including examples of each case, with GIM and non-GIM installs.

Dos and Don'ts of Guardium GPU patch installation

This video provides an example of installing a Guardium GPU patch; highlighting good practices and tips for the install.

Guardium ATAP & EXIT functionality for database traffic collection

This Guardium Open Mic discusses the usage of ATAP and EXIT. ATAP allows interception of encrypted traffic at the database server application level, and EXIT functionality makes it possible to intercept any traffic while eliminating the need for loading the KTAP module into the kernel.

Is Your Guardium Environment Secure & Supportable?

In this Guardium Open Mic, the following topics are discussed:  Shared Secrets, ID's and Passwords, Ports and Firewalls, Backups and Archives, Supportability Options

IBM Guardium: Sniffer restart & High CPU correlation alerts

This Open Mic discusses how to troubleshoot underlying problems causing you to receive Sniffer restart and High CPU correlation alerts.

Guardium: Different data collection methods for different use cases

This session from Virtual Master Skills University 2020 focuses on how Guardium Data Protection enables flexibility and choice by offering agent-based and agent-less approaches to monitoring database activities. The session highlights benefits, use cases and considerations for each approach so that organizations can make the right choice(s) for securing their data assets.

IBM Guardium Architecture, Deployment, Automation

In This session from Virtual Master Skills University 2020, Prasad Bandaru covers architecture, as well as the product components, current architecture, deployment considerations, sizing, load balancing, agents , and automation.

IBM Guardium Data Protection

In this session from Virtual Master Skills University, Yosef Rozenblit reviews lessons learned and talks about the data protection elements that every deployment must have configured.

GIM and S-TAP Installation Assistance

GIM and S-TAP installation are common but complex tasks. In this session from Virtual Master Skills University, Avi Walerius covers GIM and S-TAP installation, how to investigate issues, leverage the S-TAP dashboard (from 11.2), and ensure installation is successful.

IBM Guardium Administration and Performance

In this session from Virtual Master Skills University 2020,  Vinay Vijayadharan shares advanced tips about what administrators need to watch out for and manage.

IBM Guardium Data Protection for Files, NAS, and SharePoint

IBM Guardium Data Protection for Files discovers and classifies unstructured sensitive file repositories on various platforms, including Network Attached Storage (NAS) and Microsoft SharePoint. These videos cover:
  • Data-centric security approach
  • Partnership with STEALTHbits
  • Data Protection for Files, NAS, and SharePoint
  •  File Discovery, Entitlement, and Classification (FDEC)
  • File Activity Monitoring (FAM)