Guardium Courses (18):

The IBM Guardium improved query-report builder

Starting with version 10.6, IBM Guardium has a new query and report builder. This builder incorporates many of the 10.x design features, including a format that presents configuration options as sections, as well as an intuitive, step-by-step guide to create and configure the query and report. The report is automatically generated from the query. If the query is modified, the report is automatically regenerated when the query is saved.

In these exercises, you create a query and report that shows SQL commands. Then you generate data to test the report and view the results.

The IBM Guardium improved policy builder

Starting with version 10.6, IBM Guardium has a new policy builder. This builder incorporates many of the 10.x design features, including a format that presents configuration options as sections, as well as an intuitive, step-by-step guide to create and configure the policy.

In this lab, you use the new policy builder to create a policy that logs any attempt by a group of privileged users to run an INSERT command on a sensitive database table. Then you install the policy, generate data to test the policy, and view the results.

Introduction to the IBM Guardium User and Command Line Interfaces

In this course, you will become familiar with the IBM Guardium v10 user and command line interfaces.  You see how the Guardium user interface allows easy access to commonly used features and applications.  The Guardium CLI allows you to automate and script frequently used functions. You see how to search for commands and list applicable options.

In the hands-on lab, you will explore the interface and learn how to classify data in your database environment.

IBM Guardium session-level policy
NEW

IBM Guardium v10.6 introduces session-level policy. This feature allows you to create policies that use database session information to make key decisions about actions, and makes Guardium database monitoring more efficient.

In this lab, you create and test a session-level policy.

Using IBM Guardium to Quarantine Database Access

IBM Guardium provides powerful functions to monitor and control database access. IBM Guardium can terminate sessions performing suspicious database access commands, and even quarantine suspicious users.

In this lab, you will explore the session termination and quarantine functionality.

Creating an IBM Guardium report with drill-down capabilities

IBM Guardium contains a powerful tool that links related reports. Users can click report entries and view a list of other reports that provide more granular information related to the entry.

In this lab, you create a drill-down report to extend the capabilities of existing reports. Then, you test your new report.


Deploying the Guardium S-TAP Agent

Guardium S-TAP is a lightweight software agent installed on database servers. S-TAP agents collect the data that are used by traffic reports, alerts, and visualizations. S-TAP agents also enact certain policy rules.

In this hands on exercise, you install the S-TAP agent using the Guardium Installation Manager (GIM) and the Guardium GUI.

Using IBM Guardium APIs to Speed Deployment and Automate Repetitive Tasks

Regular upkeep of your data security environment is required to keep the system aligned with the ever-changing IT environment, including new data servers, new uses of sensitive data, new users, and new applications. Organizations that use IBM Guardium for data security and compliance can take advantage of a rich set of APIs to automate processes and maintain the system in a more efficient manner.

In this course, you learn how Guardium APIs can speed deployment and automate repetitive tasks such as creating a datasource, updating users, or modifying groups.


Cloning an IBM Guardium Query and Report

IBM Guardium provides over 600 preconfigured reports. As well as being useful in themselves, these reports can serve as templates to create a report customized to your specific needs. This saves time and effort.

In this 30 minute course, you will clone a Guardium query. You will customize the fields and conditions of this query, then generate a report from this new query.

IBM Guardium Policy: The Continue to Next Rule Functionality

When you create Guardium policies with multiple rules, you might want to ensure that processing does not stop when one rule is triggered. 

In this hands-on lab, you investigate the Continue to Next Rule check box and how it affects policy processing.

The prerequisite for this course is basic knowledge of configuring IBM Guardium Policy.

Creating an IBM Guardium Query and Report

IBM Guardium gathers a large amount of data about your database environment. Queries probe this data, while reports display this data in an easily viewable format.

In this lab, you will create a simple query and a report based on that query.

This hands-on lab is targeted towards Guardium users and administrators who create and maintain reports. It will take approximately 30 minutes to complete.


Detecting failed database logins using IBM Guardium

Guardium Data Security policies help flag suspicious database activity and events.

In this lab, you create a policy with rules to flag events where a database user has failed at multiple attempts to login during a short duration of time.

This hands-on lab is targeted towards Guardium users and administrators who maintain database security policies. It will take approximately 30 minutes to complete.


Creating and Populating an IBM Guardium Group

Guardium 10.1.4 provides a new group builder application which provides powerful tools for populating group members and allows you to see which resources use a given group.

In this exercise, you learn to how to build and populate the Guardium groups.

This hands-on lab is targeted for IBM Guardium users and administrators who need create and maintain groups. The lab will take approximately 30 minutes to complete.

Using IBM Guardium to Create a Policy from File Activity Discovery and Classification Results

IBM Guardium  provides tools to discover, classify, and build policies for files. 

In this lab, you will use the quick search GUI window to find files that contain sensitive information, select a set of these files, and create a policy that monitors attempts to access these files.

This hands-on lab is targeted to IBM Guardium users and administrators who need to create policies to control access to files which contain sensitive information.

Creating a Guardium Policy that Ignores Trusted User Session Database Activity

Guardium Data Security policies help flag suspicious database activity. By configuring policy rules to ignore trusted database activity, you can reduce the load on the network and Guardium managed units.

In this lab, you create a policy with rules to discard trusted activity and to flag untrusted activity.

This hands-on lab is targeted towards Guardium users and administrators who maintain database security policies. It will take approximately 30 minutes to complete.

Assessing Database Vulnerabilities using IBM Guardium

The Guardium Vulnerability Assessment application enables organizations to identify and address database vulnerabilities in a consistent and automated fashion. The assessment process in Guardium evaluates and recommends actions to improve the health of your database environment. In this lab, you learn how to configure and run a database vulnerability assessment.

Creating a IBM Guardium Policy to Log File Activity

Using IBM Guardium, you can create policies to monitor access to unstructured data, such as that found in files, as well as structured data, such as that found in databases. In this lab, you learn how to create and install policies to monitor files. Then you modify the FAM policy and add a rule that prevents a group of users from copying a file.

Using IBM Guardium to Create a File Activity Monitoring Dashboard and Report

File activity monitoring (FAM) includes two major components: the first component discovers and classifies files stored in the file system and the second component is the activity monitor. It extracts the security policy from the appliance and enforces it on file activity in real time.

In this lab, you view the settings necessary to perform file access monitoring, create a dashboard and add a file entitlement report, and then perform some file operations to view how the FAM functionality reacts to changes.