Guardium

Guardium Courses:

Guardium inspection engine management for discovered databases

You can configure IBM Security Guardium to discover databases that are created on both Windows and UNIX systems. In many cases, you might want Guardium to create and run inspection engines on all newly discovered databases. However, there are scenarios in which you want to control when and how Guardium creates new inspection engines. In these cases, Database Discovered Instances Rules, which is available in Guardium 11.2, provides a way to manage inspection engine creation. You can configure Discovered Instances Rules from a central manager in a managed environment or on a stand-alone system.

In this lab, you use the Database Discovered Instance Rules to specify how to manage inspection engines for discovered databases.

This type of configuration requires Guardium 11.2 or higher.

Franklin Almonte

Guardium database vulnerability assessment

The Guardium Vulnerability Assessment application enables organizations to identify and address database vulnerabilities in a consistent and automated fashion. The assessment process in Guardium evaluates and recommends actions to improve the health of your database environment. In this lab, you learn how to configure and run a database vulnerability assessment.

This lab environment reflects Guardium 10.5.

Franklin Almonte

Guardium sample roles

In IBM Security Guardium, you use roles to grant access to Guardium resources, applications, and accelerators. This guide discusses the sample user roles such as Basel II, PCI, SOX, and GDPR to name a few. For each role, you learn the purpose of the role, the applications that the role has access to, and what the default user desktop that is associated with the role looks like.

Guardium default roles

This intermediate level guide discusses the default  user roles in Guardium. Students learn the purpose of each role, the applications that the role has access to, and what the default user desktop that is associated with the role looks like.

Updating Guardium from 11.0 to 11.1

IBM Security Guardium Patch Updates (GPUs) update the subversion of Guardium. It is common practice to install the latest GPU for both code fixes and feature/function enhancements.

In this lab, you upgrade a Central Manager appliance from subversion 11.0 to version 11.1 by first installing the Health Check Patch p9999 and then installing GPU p100.

Upgrading Guardium from 10.6 to 11.0

The correct approach for upgrading IBM Security Guardium depends on multiple factors, which include the version you are upgrading from, the hardware of your system, and any special partitioning requirements you might have. A common way to upgrade Guardium to the latest version is the upgrade patch method. Use an upgrade patch to upgrade all systems in a managed environment. The upgrade patch preserves all data and configurations with the exception of user interface (UI) customizations due to a new UI architecture.


In this lab, you upgrade a Central Manager appliance from version 10.6 to version 11.0 by first installing the Health Check Patch p9998 and then installing upgrade patch p11001. Along the way, you encounter a couple of common error conditions that you must remediate in order to perform a successful upgrade.