Only a partial course catalog displayed. Please click here to log in to see the complete catalog.

Guardium Courses (74):

Guardium File Activity Monitor support for SharePoint and NAS

New in IBM Guardium 10.6, File Activity Monitor (FAM) adds a new feature to monitor and audit Microsoft SharePoint servers and network attached storage devices.

Guardium 10.6 query-report builder

In IBM Guardium 10.6, the new query-report builder combines the legacy report and query builders into a simplified workflow, where each query represents one corresponding report.  In this video, you will learn about and a see a demo of this new feature.

Guardium disk and database health analyzer

New in IBM Guardium 10.6, alerts are sent when the system predicts that a DB size or files on disk (/var) will reach 50% in the next 14 days. Alerts detail the predicted size and the largest tables or files. Alerts are also shown in the deployment health dashboard of the central manager.  In this course, you will see a quick overview of this feature and then a deeper dive into the function and its architecture.

Guardium in AWS

In this video, you will see the steps to create an IBM Guardium instance in Amazon Web Services (AWS).

Guardium in Azure

In this video, you will see how to set up an IBM Guardium instance in Microsoft Azure.

Working with Guardium Certificates

This Open Mic covered different aspects of IBM Guardium certificates, including the prerequisite for installing certificates, how to create request certificates, converting certificates in the format that Guardium supports, and the hierarchy of certificates.

Build Your First Guardium App Using the New Ecosystem Technologies

Guardium 10.5 includes an ecosystem to extend and enhance your current Guardium deployment with new capabilities. Guardium apps are the centerpiece of the ecosystem, allowing you to augment and enrich your current Guardium system. You can create your own Guardium apps or download and install shared apps created by IBM, business partners, or other Guardium customers.

In this tech talk, John Haldeman from Information Insights will share his experiences using the Guardium Ecosystem and demonstrate how to:

- Create a Guardium app using the Software Development Kit (SDK)

- Deploy your app on your Guardium appliance

- Share your app on the IBM Guardium App Exchange

Guardium appliance patching

In this Open Mic video, Avi Walerius from Guardium Technical Support discusses different aspects of appliance patches: differences between patch types, advice on the health check patch, and best practices for installing GPU patches.

IBM Multi-Cloud Data Encryption (MDE)

IBM Multi-Cloud Data Encryption (MDE) is designed to safeguard critical data from misuse whether it resides in a single cloud, multiple clouds, or hybrid environments. In this video series, you will learn how MDE 2.2 will help you:

  • Store and protect your data in object stores of any cloud, encrypted under keys that only you control
  • Easily move data between or out of Cloud Service Providers (CSPs)
  • Securely back up or copy data from one server and restore or paste that data to another server

Guardium Installation Manager (GIM) Usage and Deployment Methods - Part 2

The Guardium Installation Manager (GIM) allows you to install, upgrade, and manage agents on individual servers or groups of servers.  In this course, you will learn about GIM deployment and usage, and includes GIM reports, registration and authentication, and troubleshooting.  This is Part 2 of a two-part series.

Guardium Vulnerability Assessment for MongoDB

MongoDB is a free and open-source cross-platform document-oriented database program.  In this video, you will see a detailed demonstration of Guardium Vulnerability Assessment for MongoDB, including the process to set up and run the test, and what happens after you harden the database per recommendations from the assessment.

Troubleshooting Missing Guardium Database User Problems

In Guardium, you may have a situation where the database user name in a report is blank, or there is a question mark, or may be a string of random characters. In this course, you will learn how to import the new missing DB user dashboard and use it to troubleshoot and take actions to resolve the problem.

IBM Security Guardium Analyzer

Global enterprises are discovering the rigorous task of becoming GDPR compliant. IBM Security Guardium Analyzer can help with your GDPR impact assessment plan by answering the question of "Where is my GDPR- relevant data?" It enables you to efficiently identify risk associated with personal and sensitive personal data that falls under the GDPR. 

In this course, you will learn how to:
  • Analyze on-prem and cloud-based databases to find GDPR relevant data 
  • Use next generation data classification and vulnerability scanning
  • Surface data exposures through dynamic dashboards; providing information, such as, the number of databases affected, severity breakdown, and geographic breakdown
  • Take steps to minimize risk based on the information provided

Guardium 10.6 policy builder

There is a new and improved policy builder user interface in IBM Guardium 10.6.  This video provides a detailed description and demo of the changes.

Introduction to the IBM Guardium User and Command Line Interfaces

In this course, you will become familiar with the IBM Guardium v10 user and command line interfaces.  You see how the Guardium user interface allows easy access to commonly used features and applications.  The Guardium CLI allows you to automate and script frequently used functions. You see how to search for commands and list applicable options.

In the hands-on lab, you will explore the interface and learn how to classify data in your database environment.

Tips and tricks to keep Windows S-TAP healthy

In this video, you will learn some tips and tricks for keeping your Windows S-TAP up and running with fewer issues.  You will investigate the following parameters and settings:

  • USE_TLS=1

Enabling IP-to-Hostname Aliasing

In this video, you learn how to enable IP-to-Hostname alias mapping.

IBM Guardium Flat Log Policy

Peak database traffic periods can overload monitoring solutions. IBM Guardium flat log policy provides a way to defer analysis and logging of traffic to off-peak periods. In this video series, you will learn about flat log policy and how it can help you avoid resource overload.

Guardium Installation Manager (GIM) Agent Installation - Part 1

The Guardium Installation Manager (GIM) allows you to install, upgrade, and manage agents on individual servers or groups of servers.  In this course, you will learn about GIM Agent installation planning, installation steps and validation, and installation troubleshooting.  This is Part 1 of a two-part series.

Archiving Guardium Data

In this video, you learn how to configure the Guardium archive.

Does Security Travel with Your Data? Protect It with Data Encryption.

IBM provides comprehensive data encryption capabilities to help protect your data whereever it resides—on-premises, in the cloud, in multiple clouds, or in hybrid environments. This session will focus on IBM Multi-Cloud Data Encryption, specifically for cloud and hybrid data protection. Learn how to configure policies for file and folder encryption, as well as how to deploy agents to encrypt and decrypt data.

Presented by:

  • Rinkesh Bansal, IBM

Using IBM Guardium to Quarantine Database Access

IBM Guardium provides powerful functions to monitor and control database access. IBM Guardium can terminate sessions performing suspicious database access commands, and even quarantine suspicious users.

In this lab, you will explore the session termination and quarantine functionality.

IBM Guardium Access, Exception, and Extrusion Policy Rules

IBM Guardium policy rules fall into three categories:

  • Access rules
  • Extrusion rules
  • Exception rules

In this video series, you  learn about the three types of rules , what criteria and actions are associated with each type, and some of the uses for each type of rule.

What's New in Guardium 10.5

The IBM Security Guardium Data Protection v10.5 platform continues to evolve to support a wider variety of use cases, both by adding new functionality and by opening up the platform to support application integration.  In this tech talk, you will get an overview of the new and updated Guardium features, including:

  • An apps ecosystem that enables integration of your own functionality into Guardium 
  • An expansion of file discovery and classification to more deployment models 
  • Updates to Vulnerability Assessment, including support for SAP HANA 
  • Enhanced integration to support Guardium Big Data Intelligence use cases 
  • Platform enhancements for currency, security, and manageability

Bookmarks in the video take you to the following topics:

  • Guardium App Exchange (Ecosystem)
  • File Access Monitoring (FAM) for SharePoint and NAS
  • Platform / OS changes
  • CyberArk integration
  • Currency updates
  • Sniffer updates
  • Guardium Big Data Intelligence (GBDI) integration
  • STAP, ATAP, and GIM updates
  • Vulnerability Assessment (VA)
  • IBM License Metric Tool (ILMT)

Open Mic: How to Build Custom KTAP Linux STAP

This IBM Guardium Open Mic discusses the following topics:

  • How to tell if KTAP will install directly on a kernel version? (i.e how to use ktaposmatch)
  • Options to build KTAP for unlisted kernel versions (flex_loading, and custom ktap build), including examples of each case, with GIM and non-GIM installs.

Deploying the Guardium S-TAP Agent

Guardium S-TAP is a lightweight software agent installed on database servers. S-TAP agents collect the data that are used by traffic reports, alerts, and visualizations. S-TAP agents also enact certain policy rules.

In this hands on exercise, you install the S-TAP agent using the Guardium Installation Manager (GIM) and the Guardium GUI.

Guardium User Management

During this Open Mic session, Carolina Leme from Guardium Level 2 support discusses user management and roles and responsibilities.  The bookmarks in the video will take you to the following topics:

  • Administrator responsibilities
  • Root user
  • GUI users
  • CLI access
  • Roles and permissions

Guardium Open Mic Full Appliance Issues - Detection, Root Cause, and Remediation

This Open Mic Live session was originally broadcast from Think 2018 19-March-2018

John Adams from Guardium Technical Support delivers this Open Mic LIVE at the 2018 Think conference. Part fire extinguisher, part lifejacket, and part how to avoid getting burned in the first place, the information in this Open Mic will help keep you out of trouble and possibly rescue you in the case of full appliance issues.


  • Introduction
  • Detection
  • First Response
  • Getting to Root Cause
  • Questions & Answers

Using IBM Guardium APIs to Speed Deployment and Automate Repetitive Tasks

Regular upkeep of your data security environment is required to keep the system aligned with the ever-changing IT environment, including new data servers, new uses of sensitive data, new users, and new applications. Organizations that use IBM Guardium for data security and compliance can take advantage of a rich set of APIs to automate processes and maintain the system in a more efficient manner.

In this course, you learn how Guardium APIs can speed deployment and automate repetitive tasks such as creating a datasource, updating users, or modifying groups.

Guardium Big Data Intelligence for Data Security Insights and Integration

Guardium Big Data Intelligence complements existing Guardium deployments with the ability to quickly integrate an optimized security data lake.

Part 1 covers architecture, reporting, and data retention.

Part 2 takes a deeper look at the solution and its benefits, which includes: noise-reduction analytics, data integrations for enrichment and automation, workflow and orchestration, trusted connections, and Database User Entity Behavior Analytics.

Cloning an IBM Guardium Query and Report

IBM Guardium provides over 600 preconfigured reports. As well as being useful in themselves, these reports can serve as templates to create a report customized to your specific needs. This saves time and effort.

In this 30 minute course, you will clone a Guardium query. You will customize the fields and conditions of this query, then generate a report from this new query.

Dos and Don'ts of Guardium GPU patch installation

This video provides an example of installing a Guardium GPU patch; highlighting good practices and tips for the install.

IBM Guardium Policy: The Continue to Next Rule Functionality

When you create Guardium policies with multiple rules, you might want to ensure that processing does not stop when one rule is triggered. 

In this hands-on lab, you investigate the Continue to Next Rule check box and how it affects policy processing.

The prerequisite for this course is basic knowledge of configuring IBM Guardium Policy.

Guardium Open Mic - Meet the Experts

A follow up to John Adams Open Mic on Full Guardium Appliances, John spends time answering audience questions on that and other topics: Rebooting the appliance, issues with fixes, vulnerabilities, the Discovery engine, high CPU, and various other issues.

IBM Guardium Selective and Non-Selective Audit Policy

IBM Guardium policies are powerful resources to monitor your data environment. However, due to the large amount of data activity in a database production environment, you must configure your policy carefully to filter out innocent traffic.

In this course, you learn the differences between selective and non-selective audit policies.

Creating an IBM Guardium Query and Report

IBM Guardium gathers a large amount of data about your database environment. Queries probe this data, while reports display this data in an easily viewable format.

In this lab, you will create a simple query and a report based on that query.

This hands-on lab is targeted towards Guardium users and administrators who create and maintain reports. It will take approximately 30 minutes to complete.

Managing Transport Layer Security (TLS) Protocol Versions in IBM Guardium 10.1.4

IBM Guardium 10.1.4 introduces the capability for all managed units, agents, and clients to communicate by using Transport Layer Security (TLS) Protocol version 1.2. This capability enhances security in your data center.

In this series of three videos, you learn how to enable TLS1.2 in your IBM Guardium environment.

Duration: 15 minutes

IBM Guardium Distributed Reports

In this Open Mic, you will learn about IBM Guardium distributed reports. This Central Manager feature provides a way to automatically gather data from all or a subset of the Guardium managed units that are associated with this particular Central Manager. Distributed reports are designed to provide a high-level view, to correlate data from across data sources, and to summarize views of the data.

Detecting failed database logins using IBM Guardium

Guardium Data Security policies help flag suspicious database activity and events.

In this lab, you create a policy with rules to flag events where a database user has failed at multiple attempts to login during a short duration of time.

This hands-on lab is targeted towards Guardium users and administrators who maintain database security policies. It will take approximately 30 minutes to complete.

Creating and Populating an IBM Guardium Group

Guardium 10.1.4 provides a new group builder application which provides powerful tools for populating group members and allows you to see which resources use a given group.

In this exercise, you learn to how to build and populate the Guardium groups.

This hands-on lab is targeted for IBM Guardium users and administrators who need create and maintain groups. The lab will take approximately 30 minutes to complete.

IBM Guardium S-GATE Policy

With Guardium, you can set up rules that automatically terminate database sessions when Guardium detects improper data access, limiting the damage from hostile attacks on your database.

In this videos, you learn how to configure the S-TAP agent and create policy rules to take advantage of S-GATE functionality.

Using IBM Guardium to Create a Policy from File Activity Discovery and Classification Results

IBM Guardium  provides tools to discover, classify, and build policies for files. 

In this lab, you will use the quick search GUI window to find files that contain sensitive information, select a set of these files, and create a policy that monitors attempts to access these files.

This hands-on lab is targeted to IBM Guardium users and administrators who need to create policies to control access to files which contain sensitive information.

What can you do with Guardium on the cloud?

Enterprises are offloading applications and data to the cloud.  This Tech Talk covers options for data protection and understanding exactly what can be done with Guardium Data Protection for cloud-based databases.

Creating a Guardium Policy that Ignores Trusted User Session Database Activity

Guardium Data Security policies help flag suspicious database activity. By configuring policy rules to ignore trusted database activity, you can reduce the load on the network and Guardium managed units.

In this lab, you create a policy with rules to discard trusted activity and to flag untrusted activity.

This hands-on lab is targeted towards Guardium users and administrators who maintain database security policies. It will take approximately 30 minutes to complete.

How can I check if the correct data is being logged on my Guardium Appliance?

In this video, you will see how to use specific Guardium GUI reports to check the data being logged on a Guardium Appliance .

Guardium ATAP & EXIT functionality for database traffic collection

This Guardium Open Mic discusses the usage of ATAP and EXIT. ATAP allows interception of encrypted traffic at the database server application level, and EXIT functionality makes it possible to intercept any traffic while eliminating the need for loading the KTAP module into the kernel.

4 reasons to love the new Guardium Data Encryption v3.0

In this Tech Talk, Guardium experts discuss the new Guardium Data Encryption v3.0.

Guardium Tech Talk series: Data Encryption for DB2 and IMS on z/OS

In this Guardium tech talk series, you will learn about IMS Implementation, cryptographic hardware, CKDS creation, and master key rotation.

Using IBM Guardium 10.1.4 for Cloud database service protection

IBM Guardium 10.1.4 has new functionality to protect Oracle 11 databases that reside on Amazon AWS. In this video series, you will learn how to discover cloud databases. Then you will see how to classify and audit sensitive objects.

PCI compliance quickstart with IBM Guardium

IBM Guardium provides tools for helping meet the requirements of the Payment Card Industry (PCI) data security standard.

In this video series, you become familiar with Guardium features that pertain to the PCI data security standard. You see a demonstration of how the features are configured.

What's new in Guardium 10.1.4

In this Tech Talk, Guardium experts provide an overview of what is new in Guardium 10.1.4, including enhancements in compliance, ease of use, agents, and platform.

Guardium Open Mic: Using Buffer Usage Monitor Report & Sniffer Must-gather for Troubleshooting

Guardium technical support commonly analyzes the Buffer Usage Monitor Report & Sniffer must_gather to determine problems occurring with in the Guardium environment. This Open Mic explores those reports and information commonly analyzed.

Guardium Tech Talk: Hints and tips for a successful v10 upgrade

During this Tech Talk, Guardium experts discuss hints and tips for a successful upgrade to v10

IBM Guardium: Sniffer restart & High CPU correlation alerts

This Open Mic discusses how to troubleshoot underlying problems causing you to receive Sniffer restart and High CPU correlation alerts.

Upgrading IBM Guardium from V9.x to V10.1.3

IBM Guardium released an upgrade patch that allows you to upgrade your Central Manager, aggregators, and collectors from version 9.X to version 10.1.3. In this video series, you learn how to prepare your environment and apply the upgrade patch to your Central Manager and managed units.

Is Your Guardium Environment Secure & Supportable?

In this Guardium Open Mic, the following topics are discussed:  Shared Secrets, ID's and Passwords, Ports and Firewalls, Backups and Archives, Supportability Options

Installing and configuring S-TAP

S-TAP and K-TAP are Guardium components that can intercept database communications between clients and the database server. This course includes the following materials:

  • IBM Guardium: Linux S-TAP installation guidance
  • Troubleshooting the Guardium S-TAP Verification Process
  • How can a SLON capture be created on an InfoSphere Guardium Appliance

IBM Guardium Cloud Deployment Guides

IBM Guardium uses data activity monitoring, file activity monitoring, and vulnerability assessment to help ensure the security, privacy, and integrity of your data. Guardium can be deployed on various cloud environments, including Amazon AWS EC2, Google, IBM SoftLayer, and Microsoft Azure. The following guides provide instructions you can use to deploy a Guardium instance in a specific cloud.

IBM Guardium: Running a Vulnerability Assessment

The Guardium Vulnerability Assessment application enables organizations to identify and address database vulnerabilities in a consistent and automated fashion. The assessment process in Guardium evaluates and recommends actions to improve the health of your database environment. In this demonstration, you learn how to configure and run a database vulnerability assessment.

IBM Guardium: 10.1.3 Overview - Speed Compliance and Simplify Deployments

The video provides details on IBM Guardium release 10.1.3. This release helps to speed compliance and simplify deployments.

Assessing Database Vulnerabilities using IBM Guardium

The Guardium Vulnerability Assessment application enables organizations to identify and address database vulnerabilities in a consistent and automated fashion. The assessment process in Guardium evaluates and recommends actions to improve the health of your database environment. In this lab, you learn how to configure and run a database vulnerability assessment.

Creating a IBM Guardium Policy to Log File Activity

Using IBM Guardium, you can create policies to monitor access to unstructured data, such as that found in files, as well as structured data, such as that found in databases. In this lab, you learn how to create and install policies to monitor files. Then you modify the FAM policy and add a rule that prevents a group of users from copying a file.

Using IBM Guardium to Create a File Activity Monitoring Dashboard and Report

File activity monitoring (FAM) includes two major components: the first component discovers and classifies files stored in the file system and the second component is the activity monitor. It extracts the security policy from the appliance and enforces it on file activity in real time.

In this lab, you view the settings necessary to perform file access monitoring, create a dashboard and add a file entitlement report, and then perform some file operations to view how the FAM functionality reacts to changes.

File Activity Monitoring using IBM Guardium

IBM Guardium version 10 includes functionality to monitor file activity. In this video, you will view the discovery and classification capabilities of the file activity monitoring tools and learn how to set up a blocking rule to prevent someone from deleting files in a directory as well as logging the attempt.

IBM Guardium troubleshooting and Support

This course covers:

  • How to capture must gathers from Guardium
  • Collecting a guard_diag for a Guardium S-TAP installed on UNIX
  • How to Upload Data to a Support Ticket (PMR)
  • Using Guardium cli commands iptraf and tcpdump to troubleshoot network issues

How to download and install a Guardium patch

Patching your Guardium installation is a periodic administrative task. In this video, you learn how to download a Guardium patch from IBM Fix Central, upload it to your IBM Guardim appliance, and use the API to install the patch.

Preventing and Reacting to Guardium Database Full Issues

Guardium processes large amounts of information about database access. In this video, you will learn to take steps to prevent your Guardium internal database filling up, troubleshoot when it is filling up and take action to reduce the space when needed.

How to Upload Data to a Support Ticket (PMR)

From time to time, you may need to contact IBM Guardium support for assistance with an issue. When this happens, providing the correct information about your IBM Guardium environment can speed and ease resolution of the issue. In this unit, you learn how to find critical IBM Guardium support information.

Deployment Guide for InfoSphere Guardium

This IBM Redbooks® publication provides a guide for deploying the Guardium solutions.

This book also provides a roadmap process for implementing an InfoSphere Guardium solution that is based on years of experience and best practices that were collected from various Guardium experts. We describe planning, installation, configuration, monitoring, and administrating an InfoSphere Guardium environment. We also describe use cases and how InfoSphere Guardium integrates with other IBM products.

IBM Guardium Foundations

This is a commercial course that is available through our training partners. Please follow the link below to enroll in this course. 


 Are you getting ready to administer database security policies? Learn how to configure Guardium to discover, classify, analyze, protect, and control access to sensitive data. You learn to perform vulnerability assessment, and how to monitor data and file activity. This course teaches you how to create reports, audits, alerts, metrics, and compliance oversight processes. 


 Database administrators, security administrators, security analysts, security technical architects, and professional services using IBM Guardium. 


Before taking this course, make sure that you have the following skills: 

  • Working knowledge of SQL queries for IBM DB2 and other databases
  • Working knowledge of UNIX commands 
  • Familiarity with data protection standards such as HIPAA and CPI

Click on this link to go to the IBM Training Website to find a training partner for this course.

View enrollment options

IBM Guardium Groups and Policies

This module shows how to create basic resources, such as: - Static and dynamic group creation and group member management - Policy creation and modification

Creating and Installing a Policy

Policy is a key component of data security. To keep your data secure, you must be able to implement rules on how data access is monitored, logged, and controlled. In this unit, you will learn how to create and install IBM Guardium policies on data access.

Guardium and Resilient integration: Email Connector

In this video, you will see how to set up IBM Guardium email alerts in an IBM Resilient incident response workflow using the Resilient Email Connector.