IBM Security Guardium

  • 1.  IBM I Series S-TAP not Successful

    Posted Fri September 10, 2021 02:01 AM
    HI Everyone,

    Running IBM I series (IBM i 7.3 - Db2 PTF Group SF99703 Level 22), it is the supported service level and STAP status is like below:
    When I opened /usr/local/guardium/install_out.txt, status is like below:


    But I dont see any Inspection engine detected in Guardium.
    Is the installation successful or not? What might be the issue?

    Thanks,
    Panendar Rao.C

    ------------------------------
    PHANENDRA RAO CHAVANA
    ------------------------------


  • 2.  RE: IBM I Series S-TAP not Successful

    Posted Fri September 10, 2021 05:44 AM
    Hi Phanendra,

    After the installation is complete:
    - Guardium attempts to start the processes that enable activity monitoring and to locate the InfoSphere Guardium collector using the IP address specified at the installation time.
    - Make sure PING RMTSYS('x.x.x.x') from IBM i to Guardium collector IP (x.x.x.x) is working (NOT connection refused or timeout)
    - Required ports on IBM i is opened. Port 16016 must be bidirectionally open in firewall
    •TCP 16016
    – UNIX STAP, both directions, registration, heartbeat, and data (including IBM i S-TAP running in PASE)

    Demi

    ------------------------------
    DEMI SIEW PING LEE
    ------------------------------



  • 3.  RE: IBM I Series S-TAP not Successful

    Posted Mon September 13, 2021 05:42 AM
    There is no inspection engine for iSeries S-TAP. This is different from open platform. But, you can use the DB2 i S-TAP Configuration and Status report to pull the information from i S-TAP.

    ------------------------------
    TS Teh
    ------------------------------