This Tech Talk focuses on one of the many key features of Guardium 11,
integration with CyberArk for managing user names and passwords, as well
as, enhancements for managing data sources and groups.
Guardium 11 introduces Policy Analyzer, which provides rule counts for installed Data Access Management (DAM) policy rules.
The Guardium 11 Vulnerability Assessment (VA) has many new features,
including test exceptions, test detail exceptions, security assessment
using datasource group, CyberArk integration, DataStax Cassandra, as well as support for the new
release of MongoDB 4.0, PostgreSQLv11 and Oracle 18c CVE tests.
- Data-centric security approach
- Partnership with STEALTHbits
- Data Protection for Files, NAS, and SharePoint
- File Discovery, Entitlement, and Classification (FDEC)
- File Activity Monitoring (FAM)
In this Tech Talk, Shay Harel discusses several new IBM Guardium 10.6 enhancements that improve usability, core functionality and enable greater extensibility to new types of data environments. In the area of usability, there is a new policy builder user interface, as well as easier to use query report builder. There are new monitoring capabilities for Database as a Service. In addition, Guardium performance has been enhanced. Vulnerability assessment has improved accuracy and scan granularity. File access management with NAS and SharePoint enables consistent data protection across unstructured as well as structured data.
In this video, Shay Harel, Director of Data Security Engineering, explores the new features and updates in IBM Guardium v11.
- Active threat analytics
- Risk spotter
- Policy analyzer
- Smart Assistant
- CyberArk integration
- Data protection for files (Sharepoint and NAS)
- Vulnerability Assessment enhancements
- External STAP with Kubernetes
- Monitor DBaaS without STAP
- New platform support database
- Miscellaneous updates
The information in this Open Mic will help keep you out of trouble and possibly rescue you in the case of full appliance issues.
- First Response
- Getting to Root Cause
- Questions & Answers
In the follow-up to the Open Mic, John spends time answering audience questions on that and other topics.
- Reboot the appliance
- Issues with fixes
- The Discovery engine
- High CPU
Load balancing automatically allocates managed units to S-TAP agents
when new S-TAPs are installed and during fail-over when a managed unit
is unavailable. The load balancing application also dynamically
re-balances loaded or busy managed units by relocating S-TAP agents to
less-loaded managed units. These topics are discussed in this Open Mic.
New in IBM Guardium 10.6, alerts are sent when the system predicts that a
DB size or files on disk (/var) will reach 50% in the next 14 days.
Alerts detail the predicted size and the largest tables or files. Alerts
are also shown in the deployment health dashboard of the central
manager. In this course, you will see a quick overview of this feature
and then a deeper dive into the function and its architecture.
This Open Mic covered different aspects of IBM Guardium certificates,
including the prerequisite for installing certificates, how to create
request certificates, converting certificates in the format that
Guardium supports, and the hierarchy of certificates.
Guardium 10.5 includes an ecosystem to extend and enhance your current Guardium deployment with new capabilities. Guardium apps are the centerpiece of the ecosystem, allowing you to augment and enrich your current Guardium system. You can create your own Guardium apps or download and install shared apps created by IBM, business partners, or other Guardium customers.
In this tech talk, John Haldeman from Information Insights will share his experiences using the Guardium Ecosystem and demonstrate how to:
- Create a Guardium app using the Software Development Kit (SDK)
- Deploy your app on your Guardium appliance
- Share your app on the IBM Guardium App Exchange
In this Open Mic video, Avi Walerius from Guardium Technical Support
discusses different aspects of appliance patches: differences between
patch types, advice on the health check patch, and best practices for
installing GPU patches.
The Guardium Installation Manager (GIM) allows you to install, upgrade, and manage agents on individual servers or groups of servers. In this course, you will learn about GIM deployment and usage, and includes GIM reports, registration and authentication, and troubleshooting. This is Part 2 of a two-part series.
In this video, you will learn some tips and tricks for keeping your Windows S-TAP up and running with fewer issues. You will investigate the following parameters and settings:
- SOFTWARE_TAP_HOST or TAP_IP
The Guardium Installation Manager (GIM) allows you to install, upgrade, and manage agents on individual servers or groups of servers. In this course, you will learn about GIM Agent installation planning, installation steps and validation, and installation troubleshooting. This is Part 1 of a two-part series.
- An apps ecosystem that enables integration of your own functionality into Guardium
- An expansion of file discovery and classification to more deployment models
- Updates to Vulnerability Assessment, including support for SAP HANA
- Enhanced integration to support Guardium Big Data Intelligence use cases
- Platform enhancements for currency, security, and manageability
- Guardium App Exchange (Ecosystem)
- File Access Monitoring (FAM) for SharePoint and NAS
- Platform / OS changes
- CyberArk integration
- Currency updates
- Sniffer updates
- Guardium Big Data Intelligence (GBDI) integration
- STAP, ATAP, and GIM updates
- Vulnerability Assessment (VA)
- IBM License Metric Tool (ILMT)
This IBM Guardium Open Mic discusses the following topics:
- How to tell if KTAP will install directly on a kernel version? (i.e how to use ktaposmatch)
- Options to build KTAP for unlisted kernel versions (flex_loading, and custom ktap build), including examples of each case, with GIM and non-GIM installs.
During this Open Mic session, Carolina Leme from Guardium Level 2 support discusses user management and roles and responsibilities. The bookmarks in the video will take you to the following topics:
- Administrator responsibilities
- Root user
- GUI users
- CLI access
- Roles and permissions
Guardium Big Data Intelligence complements existing Guardium deployments with the ability to quickly integrate an optimized security data lake.
Part 1 covers architecture, reporting, and data retention.
This video provides an example of installing a Guardium GPU patch; highlighting good practices and tips for the install.
In this Open Mic, you will learn about IBM Guardium distributed reports. This Central
Manager feature provides a way to automatically gather data from all or a
subset of the Guardium managed units that are associated with this
particular Central Manager. Distributed reports are designed to provide a
high-level view, to correlate data from across data sources, and to
summarize views of the data.
This Guardium Open Mic discusses the usage of ATAP and EXIT. ATAP allows
interception of encrypted traffic at the database server application
level, and EXIT functionality makes it possible to intercept any traffic
while eliminating the need for loading the KTAP module into the kernel.
In this Tech Talk, Guardium experts provide an overview of what is new in Guardium 10.1.4, including enhancements in compliance, ease of use, agents, and platform.
Guardium technical support commonly analyzes the Buffer Usage Monitor
Report & Sniffer must_gather to determine problems occurring with in
the Guardium environment. This Open Mic explores those reports and
information commonly analyzed.
During this Tech Talk, Guardium experts discuss hints and tips for a successful upgrade to v10
This Open Mic discusses how to troubleshoot underlying problems causing you to receive Sniffer restart and High CPU correlation alerts.
In this Guardium Open Mic, the following topics are discussed: Shared Secrets, ID's and Passwords, Ports and Firewalls, Backups and Archives, Supportability Options