Guardium

Guardium Courses:

Guardium auto create inspection engines

In this video, Guardium expert Glenn Weidner demonstrates enhancements to Guardium 11.2 auto create inspection engines, including scheduler user interface, rules results report, report only mode, and alerts.

What's new in Guardium 11.2

In this video, Shay Harel, Director of Data Security Engineering, explores the new features and updates in IBM Guardium v11.2.









Topics include:

  • Deployment Health
  • Asset reconciliation  
  • LDAP import
  • 2FA using DUO
  • FAM enhancements
  • Auto create inspection engine
  • GIM upload modules
  • Active threat detection
  • Vulnerability Assessment enhancements 
  • Ticketing support for audit process 
  • S-TAP updates 
  • Outliers clustering
  • Session Level Policy updates
  • ELB failover


Upgrading to Guardium 11

In this video, Vlad Langman, L3 Engineering Manager, discusses best practices for upgrading to Guardium 11.

Build Your First Guardium App Using the New Ecosystem Technologies

Guardium 10.5 includes an ecosystem to extend and enhance your current Guardium deployment with new capabilities. Guardium apps are the centerpiece of the ecosystem, allowing you to augment and enrich your current Guardium system. You can create your own Guardium apps or download and install shared apps created by IBM, business partners, or other Guardium customers.

In this tech talk, John Haldeman from Information Insights will share his experiences using the Guardium Ecosystem and demonstrate how to:

- Create a Guardium app using the Software Development Kit (SDK)

- Deploy your app on your Guardium appliance

- Share your app on the IBM Guardium App Exchange

Dos and Don'ts of Guardium GPU patch installation

This video provides an example of installing a Guardium GPU patch; highlighting good practices and tips for the install.

Facilitating secure hybrid cloud adoption with Guardium

Learn how IBM Security Guardium helps organizations expand data protection capabilities across hybrid/multi-cloud deployment models and take advantage of fast-paced innovation delivered through cloud-enabled services securely.

There is a fundamental shift in the way IT is providing services through modernized infrastructure and SecDevOps driven operational models. This shift, in turn, is affecting all the facets of application management, including the way organizations use and consume next-generation database management solutions.

Topics covered
  • Cloud trends
  • Database service use cases
  • Cloud journey
  • Data protection
  • External-TAP
  • Native logging
  • Streaming APIs
  • Considerations
  • Adoption
  • Guardium for database services

  • Guardium 11 policy analyzer

    Guardium 11 introduces Policy Analyzer, which provides rule counts for installed Data Access Management (DAM) policy rules.

    Guardium 11 Vulnerability Assessment CyberArk integration

    This Tech Talk focuses on one of the many key features of Guardium 11, integration with CyberArk for managing user names and passwords, as well as, enhancements for managing data sources and groups. 

    Guardium 11 Vulnerability Assessment Overview

    The Guardium 11 Vulnerability Assessment (VA) has many new features, including test exceptions, test detail exceptions, security assessment using datasource group, CyberArk integration, DataStax Cassandra, as well as support for the new release of MongoDB 4.0, PostgreSQLv11 and Oracle 18c CVE tests.

    Guardium appliance patching

    In this Open Mic video, Avi Walerius from Guardium Technical Support discusses different aspects of appliance patches: differences between patch types, advice on the health check patch, and best practices for installing GPU patches.

    Guardium ATAP & EXIT functionality for database traffic collection

    This Guardium Open Mic discusses the usage of ATAP and EXIT. ATAP allows interception of encrypted traffic at the database server application level, and EXIT functionality makes it possible to intercept any traffic while eliminating the need for loading the KTAP module into the kernel.

    Guardium Big Data Intelligence for Data Security Insights and Integration

    Guardium Big Data Intelligence complements existing Guardium deployments with the ability to quickly integrate an optimized security data lake.

    Part 1 covers architecture, reporting, and data retention.

    Part 2 takes a deeper look at the solution and its benefits, which includes: noise-reduction analytics, data integrations for enrichment and automation, workflow and orchestration, trusted connections, and Database User Entity Behavior Analytics.

    Guardium disk and database health analyzer

    New in IBM Guardium 10.6, alerts are sent when the system predicts that a DB size or files on disk (/var) will reach 50% in the next 14 days. Alerts detail the predicted size and the largest tables or files. Alerts are also shown in the deployment health dashboard of the central manager.  In this course, you will see a quick overview of this feature and then a deeper dive into the function and its architecture.

    Guardium for z/OS overview

    The IBM DB2 for z/OS platform stores mission critical data for companies. In this overview, you will learn how IBM Security Guardium can help monitor, audit, and protect DB2 z/OS environments.  Topics include best practices and approaches to protect your data using Guardium for DB2 z/OS S-TAP features and capabilities, and troubleshooting.

    Guardium Full Appliance Issues - Detection, Root Cause, and Remediation

    The information in this Open Mic will help keep you out of trouble and possibly rescue you in the case of full appliance issues.

    Agenda:

    • Introduction
    • Detection
    • First Response
    • Getting to Root Cause
    • Questions & Answers

    In the follow-up to the Open Mic, John spends time answering audience questions on that and other topics.

    • Reboot the appliance
    • Issues with fixes
    • Vulnerabilities
    • The Discovery engine
    • High CPU

    Guardium Installation Manager (GIM) Agent Installation - Part 1

    The Guardium Installation Manager (GIM) allows you to install, upgrade, and manage agents on individual servers or groups of servers.  In this course, you will learn about GIM Agent installation planning, installation steps and validation, and installation troubleshooting.  This is Part 1 of a two-part series.

    Guardium Installation Manager (GIM) Usage and Deployment Methods - Part 2

    The Guardium Installation Manager (GIM) allows you to install, upgrade, and manage agents on individual servers or groups of servers.  In this course, you will learn about GIM deployment and usage, and includes GIM reports, registration and authentication, and troubleshooting.  This is Part 2 of a two-part series.

    Guardium Open Mic: Using Buffer Usage Monitor Report & Sniffer Must-gather for Troubleshooting

    Guardium technical support commonly analyzes the Buffer Usage Monitor Report & Sniffer must_gather to determine problems occurring with in the Guardium environment. This Open Mic explores those reports and information commonly analyzed.

    Guardium Tech Talk: Hints and tips for a successful v10 upgrade

    During this Tech Talk, Guardium experts discuss hints and tips for a successful upgrade to v10

    Guardium User Management

    During this Open Mic session, Carolina Leme from Guardium Level 2 support discusses user management and roles and responsibilities.  The bookmarks in the video will take you to the following topics:

    • Administrator responsibilities
    • Root user
    • GUI users
    • CLI access
    • Roles and permissions

    Guardium v10 Enterprise Load Balancing

    Load balancing automatically allocates managed units to S-TAP agents when new S-TAPs are installed and during fail-over when a managed unit is unavailable. The load balancing application also dynamically re-balances loaded or busy managed units by relocating S-TAP agents to less-loaded managed units.  These topics are discussed in this Open Mic.

    IBM Guardium Data Protection for Files, NAS, and SharePoint

    IBM Guardium Data Protection for Files discovers and classifies unstructured sensitive file repositories on various platforms, including Network Attached Storage (NAS) and Microsoft SharePoint. These videos cover:
    • Data-centric security approach
    • Partnership with STEALTHbits
    • Data Protection for Files, NAS, and SharePoint
    •  File Discovery, Entitlement, and Classification (FDEC)
    • File Activity Monitoring (FAM)

    IBM Guardium Distributed Reports

    In this Open Mic, you will learn about IBM Guardium distributed reports. This Central Manager feature provides a way to automatically gather data from all or a subset of the Guardium managed units that are associated with this particular Central Manager. Distributed reports are designed to provide a high-level view, to correlate data from across data sources, and to summarize views of the data.

    IBM Guardium: Sniffer restart & High CPU correlation alerts

    This Open Mic discusses how to troubleshoot underlying problems causing you to receive Sniffer restart and High CPU correlation alerts.

    Is Your Guardium Environment Secure & Supportable?

    In this Guardium Open Mic, the following topics are discussed:  Shared Secrets, ID's and Passwords, Ports and Firewalls, Backups and Archives, Supportability Options

    Open Mic: How to Build Custom KTAP Linux STAP

    This IBM Guardium Open Mic discusses the following topics:

    • How to tell if KTAP will install directly on a kernel version? (i.e how to use ktaposmatch)
    • Options to build KTAP for unlisted kernel versions (flex_loading, and custom ktap build), including examples of each case, with GIM and non-GIM installs.

    Tips and tricks to keep Windows S-TAP healthy

    In this video, you will learn some tips and tricks for keeping your Windows S-TAP up and running with fewer issues.  You will investigate the following parameters and settings:

    • USE_TLS=1
    • DB2_EXIT_DRIVER_INSTALLED
    • WFP_DRIVER_INSTALLED
    • SOFTWARE_TAP_HOST or TAP_IP
    • LOAD_BALANCER_IP
    • GUARD_TAP.INI
    • LHMON_DRIVER_INSTALLED
    • TAP_MIN_TIME_BEFOREFAILOVER
    • TAP_MIN_HEARTBEAT_INTERVAL

    Troubleshooting Guardium S-TAP Severity 1 issues

    In this course, targeted for Guardium administrators, you'll learn about Severity 1 problems when the Database or Database Server might be effected, and be provided key troubleshooting recommendations and information to gather if necessary.

    What's new in Guardium 10.1.4

    In this Tech Talk, Guardium experts provide an overview of what is new in Guardium 10.1.4, including enhancements in compliance, ease of use, agents, and platform.

    What's New in Guardium 10.5

    The IBM Security Guardium Data Protection v10.5 platform continues to evolve to support a wider variety of use cases, both by adding new functionality and by opening up the platform to support application integration.  In this tech talk, you will get an overview of the new and updated Guardium features, including:

    • An apps ecosystem that enables integration of your own functionality into Guardium 
    • An expansion of file discovery and classification to more deployment models 
    • Updates to Vulnerability Assessment, including support for SAP HANA 
    • Enhanced integration to support Guardium Big Data Intelligence use cases 
    • Platform enhancements for currency, security, and manageability

    Bookmarks in the video take you to the following topics:

    • Guardium App Exchange (Ecosystem)
    • File Access Monitoring (FAM) for SharePoint and NAS
    • Platform / OS changes
    • CyberArk integration
    • Currency updates
    • Sniffer updates
    • Guardium Big Data Intelligence (GBDI) integration
    • STAP, ATAP, and GIM updates
    • Vulnerability Assessment (VA)
    • IBM License Metric Tool (ILMT)


    What's new in Guardium 10.6

    In this Tech Talk, Shay Harel discusses several new IBM Guardium 10.6 enhancements that improve usability, core functionality and enable greater extensibility to new types of data environments. In the area of usability, there is a new policy builder user interface, as well as easier to use query report builder. There are new monitoring capabilities for Database as a Service. In addition, Guardium performance has been enhanced. Vulnerability assessment has improved accuracy and scan granularity. File access management with NAS and SharePoint enables consistent data protection across unstructured as well as structured data.

    What's new in Guardium 11.0

    In this video, Shay Harel, Director of Data Security Engineering, explores the new features and updates in IBM Guardium v11. 

    Topics include:

    • Upgrade
    • Active threat analytics
    • Risk spotter
    • Policy analyzer
    • Smart Assistant
    • CyberArk integration
    • Data protection for files (Sharepoint and NAS)       
    • Vulnerability Assessment enhancements
    • External STAP with Kubernetes
    • Monitor DBaaS without STAP
    • New platform support database
    • Miscellaneous updates

    What's new in Guardium 11.1

    In this video, Shay Harel, Director of Data Security Engineering, explores the new features and updates in IBM Guardium v11.1. 






    • Mapping applications
    • Active threat analytics                         
    • Risk spotter
    • ServiceNow integration
    • Auto create inspection engine
    • IPv6 support
    • Cloud database updates  
    • Vulnerability Assessment enhancements  
    • S-TAP updates 
    • Mainframe updates
    • Sankey diagram for advanced investigations

    Working with Guardium Certificates

    This Open Mic covered different aspects of IBM Guardium certificates, including the prerequisite for installing certificates, how to create request certificates, converting certificates in the format that Guardium supports, and the hierarchy of certificates.