IBM Security Guardium

Hi Experts,

We are planning to integrate an Azure PaaS-based DB (version- 12.0.2000.8). Could you please clarify if VA scan is possible with this DB?

------------------------------
ALBERT A
------------------------------

Albert,

Azure SQL does have VA capability in Guardium. 

If you are speaking of another database type, please clarify.

Or you can look them up directly at:  https://ibm.github.io/guardium-supported-datasources/

Thank you.

Jennifer

------------------------------
Jennifer Dodson
Brand Technical Specialist
Global Sales, Financial Services
1 469 796 8337 Mobile
jennifer.dodson@ibm.com

IBM
------------------------------

Original Message:
Sent: Wed May 08, 2024 12:40 PM
From: ALBERT A
Subject: VA scan for Azure PaaS based DB

Hi Experts,

We are planning to integrate an Azure PaaS-based DB (version- 12.0.2000.8). Could you please clarify if VA scan is possible with this DB?

------------------------------
ALBERT A
------------------------------

Hi Jennifer,

Thank you for the information. Appreciated.

 

------------------------------
ALBERT A
------------------------------

Original Message:
Sent: Wed May 08, 2024 12:52 PM
From: Jennifer Dodson
Subject: VA scan for Azure PaaS based DB

Albert,

Azure SQL does have VA capability in Guardium. 

If you are speaking of another database type, please clarify.

Or you can look them up directly at:  https://ibm.github.io/guardium-supported-datasources/

Thank you.

Jennifer

------------------------------
Jennifer Dodson
Brand Technical Specialist
Global Sales, Financial Services
1 469 796 8337 Mobile
jennifer.dodson@ibm.com

IBM

Original Message:
Sent: Wed May 08, 2024 12:40 PM
From: ALBERT A
Subject: VA scan for Azure PaaS based DB

Hi Experts,

We are planning to integrate an Azure PaaS-based DB (version- 12.0.2000.8). Could you please clarify if VA scan is possible with this DB?

------------------------------
ALBERT A
------------------------------

Albert, the link provided by another on this request does not define what is supported by VA.  VA does not support all of the DBMS that STAP supports.

Guardium VA supports SQL DB Azure with 'some' exceptions.  It only supports local password and does NOT support Azure Active Directory authentication and does not appear to support encryption in transit with the connection based on the link below.

SQL DB Azure - IBM Documentation

There is also a custom credential deployment script for SQL DB Azure as there are differences between a local or IAAS implementation of MS SQL and using SQL DB Azure.  There may also be a limitation on some of the tests.  I know with Amazon RDS for MS SQL there are tests that cannot be run because the customer has no capability to access.  I'm not sure if the same applies with SQL DB Azure but the following link is a set of 'exceptions' for Amazon RDS to give you an example.  If you find the same with SQL DB Azure, I'd suggest a ticket with IBM to ask them to duplicate what they've done below for Azure.

Deploy IBM Guardium VA on Amazon Relational Database Service (RDS)

------------------------------
Walter York
------------------------------

Original Message:
Sent: Wed May 08, 2024 12:40 PM
From: ALBERT A
Subject: VA scan for Azure PaaS based DB

Hi Experts,

We are planning to integrate an Azure PaaS-based DB (version- 12.0.2000.8). Could you please clarify if VA scan is possible with this DB?

------------------------------
ALBERT A
------------------------------

Just a clarification regarding my content. The github link can clarify what Guardium products and features are supported once you have the exact Database platform. The specific Azure PaaS-based DB was not provided.  I decided to use Azure SQL as a baseline for the example. Once you select Azure SQL from the github page, you can see that Guardium Data Protection and Guardium Insights are the available products as well as the Vulnerability Assessment and Discovery and Classification features.   

Thank you. 

------------------------------
Jennifer Dodson
Brand Technical Specialist
Global Sales, Financial Services
1 469 796 8337 Mobile
jennifer.dodson@ibm.com

IBM
------------------------------

Original Message:
Sent: Thu May 09, 2024 06:48 AM
From: Walter York
Subject: VA scan for Azure PaaS based DB

Albert, the link provided by another on this request does not define what is supported by VA.  VA does not support all of the DBMS that STAP supports.

Guardium VA supports SQL DB Azure with 'some' exceptions.  It only supports local password and does NOT support Azure Active Directory authentication and does not appear to support encryption in transit with the connection based on the link below.

SQL DB Azure - IBM Documentation

There is also a custom credential deployment script for SQL DB Azure as there are differences between a local or IAAS implementation of MS SQL and using SQL DB Azure.  There may also be a limitation on some of the tests.  I know with Amazon RDS for MS SQL there are tests that cannot be run because the customer has no capability to access.  I'm not sure if the same applies with SQL DB Azure but the following link is a set of 'exceptions' for Amazon RDS to give you an example.  If you find the same with SQL DB Azure, I'd suggest a ticket with IBM to ask them to duplicate what they've done below for Azure.

Deploy IBM Guardium VA on Amazon Relational Database Service (RDS)

------------------------------
Walter York

Original Message:
Sent: Wed May 08, 2024 12:40 PM
From: ALBERT A
Subject: VA scan for Azure PaaS based DB

Hi Experts,

We are planning to integrate an Azure PaaS-based DB (version- 12.0.2000.8). Could you please clarify if VA scan is possible with this DB?

------------------------------
ALBERT A
------------------------------