IBM Security Guardium

 View Only
  • 1.  Redact(Masking) Not Working on MS SQL Server

    Posted 10 days ago

    Hello Seniors, Hope all is well.

    I am trying to Redact(Mask) a string/value using Guardium Extrusion Rules , for MS SQL Server. However, Values are getting masked in the Policy Violation Report(Log Only). But, on actual client tool which is "MICROSOFT SQL SERVER MANAGEMENT STUDIO" it is not getting masked. 

    Please note that, I have referred below two technotes and followed the guide . Even, I have tried to Attach Session by enabling Firewall. still , no luck. Can anyone guide me on this please. 

    REDACT - regex with '{' does not work on Windows DB Server

    Ibm remove preview
    REDACT - regex with '{' does not work on Windows DB Server
    Replace '{' with predefined SCRUB pattern names.
    View this on Ibm >

     IBM Security Guardium: the REDACT action does not work with regular expressions that include curly braces ("{" y "}") when applied to database servers on Microsoft Windows

    Ibm remove preview
    IBM Security Guardium: the REDACT action does not work with regular expressions that include curly braces ("{" y "}") when applied to database servers on Microsoft Windows
    As part of the data protection services offered by IBM Security Guardium™, it is possible to hide or mask all or part of the result set of a query, in order to protect sensitive information from unauthorized entities or users.
    View this on Ibm >



    ------------------------------
    Sincerely,
    Akash Parmar
    ------------------------------


  • 2.  RE: Redact(Masking) Not Working on MS SQL Server

    Posted 9 days ago

    Hi Akash,

    If you've never seen expected result, I'd suggest to check the settings first. Did you check Inspect Returned Data and press Restart Inspection Engine from Guardium GUI, Manage > Activity Monitoring > Inspection Engines before using REDACT function?

    If you're seeing expected result without your own regex, c
    ould you please show us the regex that you're using and the data that you're expecting to be masked, and the data type (e.g. NVARCHAR(100))? This could be a sensitive information, then I'd suggest to open a support ticket, then we can review your data and configuration in our secure environment.

    Thanks,
    Satoshi



    ------------------------------
    SATOSHI KAWASE
    ------------------------------



  • 3.  RE: Redact(Masking) Not Working on MS SQL Server

    Posted 9 days ago

    Hi Satoshi,

    Thank you for the response.  Below items are already done.

    Inspect Returned Data and press Restart Inspection Engine from Guardium GUI, - even restarted Sniffer from CLI.

    Regarding your second query - data type is = char(20) & the actual value is 000017-AED-0086-51

    I have used multiple regex but no luck. For example,

    0\d\d\d\d\d-([A-Z][A-Z][A-Z]|[a-z][a-z][a-z])-\d\d\d\d-\d\d

    ([0-9][0-9][0-9][0-9][0-9][0-9])[-]([A-Z][A-Z][A-Z])[-]([0-9][0-9][0-9][0-9])[-]([0-9][0-9])

    ([0-9][0-9][0-9][0-9])[0-9][0-9]



    ------------------------------
    Akash Parmar
    ------------------------------



  • 4.  RE: Redact(Masking) Not Working on MS SQL Server

    Posted 8 days ago

    Hi Akash,

    I have created a table on MS SQL Server that has a char(20) column, and installed a policy that replaces the first 4 digits to asterisk (*) when 6 digits number is found. I mean, I used REDAT with regex "([0-9][0-9][0-9][0-9])[0-9][0-9]". Everything worked fine.

    What I ran is here:

    create table table0919 (col1 char(20), col2 char(10))
    insert into table0919 values ('qazwsxedcrqazwsxedcr', '1q1q1q1q1q')
    insert into table0919 values ('000017-AED-0086-51XX', 'abcabcabca')
    select * from table0919

    Here is the response:

    col1                 col2
    -------------------- ----------
    qazwsxedcrqazwsxedcr 1q1q1q1q1q
    ****17-AED-0086-51XX abcabcabca

    I do not know why it's not working in your environment. Could you please open a support ticket? Then support engineers will review your environment and should be able to find what's missing.

    Thanks,
    Satoshi



    ------------------------------
    SATOSHI KAWASE
    ------------------------------



  • 5.  RE: Redact(Masking) Not Working on MS SQL Server

    Posted 8 days ago

    Hi Satoshi, Appreciate your support in this regard. I shall open a support ticket on this. thanks again!



    ------------------------------
    Akash Parmar
    ------------------------------