IBM Security Guardium

  • 1.  Guardium S-TAP Control

    Posted Thu May 27, 2021 08:45 AM
    Hi all,

    My question is how to understand while adding or adjusting more Guardium Hosts (adding more than one collector, if one fails), how one can be sure which Collector is the main and which is the secondary and etc. Does the way of adding the collectors has an affect, what is the idea behind moving the Guardium Hosts (Collectors)?

    ------------------------------
    Dobri Georgiev
    ------------------------------


  • 2.  RE: Guardium S-TAP Control

    Posted Fri May 28, 2021 12:22 AM
    HI Dobri,

    Please refer below screenshot.
    STAP control tab shows that Collector IP that is point out currently, if it has configured for other collector IP, secondary one marks as inactive in the second line.
    Once primary collector is failed, automatically traffic will gets forwarded to other collector.


    Thanks,
    Panendar Rao.C

    ------------------------------
    PHANENDRA RAO CHAVANA
    ------------------------------



  • 3.  RE: Guardium S-TAP Control

    Posted Fri May 28, 2021 02:44 AM

    In addition to Phanendra answer.

    You can use ELB functionality if you implemented Central Manager. In this case CM will provide to STAP information about preferred failover collector.



    ------------------------------
    Zbigniew (Zibi) Szmigiero
    IBM
    ------------------------------



  • 4.  RE: Guardium S-TAP Control

    Posted Fri May 28, 2021 03:00 AM
    Hi,

    Thank you both for the answers!

    Just to clarify one more thing, what is the purpose behind the arrows is it only for arrangement or something else. And "Active" state means that this is the primary Collector for that S-TAP and the second Collector suits the role of a second collector if a failover occurs. Does the arrangement has the purpose to arrange the collectors in a manner that suits the solution in an enterprise environment with more than two collectors and when there are more to adjust it to the ones who are less overloaded.



    ------------------------------
    Dobri Georgiev
    ------------------------------



  • 5.  RE: Guardium S-TAP Control

    Posted Fri May 28, 2021 03:35 AM

    Dobri,

    You can add more than one failover collector. In this case the arrows provide you possibility to set the priority order of switching. BTW you cannot set failover above actually active one.



    ------------------------------
    Zbigniew (Zibi) Szmigiero
    IBM
    ------------------------------



  • 6.  RE: Guardium S-TAP Control

    Posted Fri May 28, 2021 04:21 AM
    Hi,

    Does the change of the active (primary) S-TAP requires a restart of the agent itself?

    ------------------------------
    Dobri Georgiev
    ------------------------------



  • 7.  RE: Guardium S-TAP Control

    Posted Fri May 28, 2021 06:07 AM
    Nope
     
    Pozdrawiam / Best Regards
    Zbigniew Szmigiero,
    Data Security Specialist - IBM Security  (EMEA)
    Software Group,
    IBM

    e-mail : zszmigiero@pl.ibm.com
    blog: https://guardiumnotes.wordpress.com
    Mobile phone : +48 691360623
    Short: 5333

    IBM Polska Sp. z o.o.
    ul. Krakowiaków 32
    02-134 Warszawa
    tel. : +48 22 878 6970
    fax.: +48 22 878 6888