IBM Security Guardium

Hi all,

I WANT to mask the  column "Card" content data type  NVARCHAR2(150) of credit card number whenever any user other then sys user try to capture the data of perticular column. It is oracle 19 os aix 7.2
I have created  extrusion rule with redact action.

------------------------------
ajay rawat
------------------------------

Hi Ajay,

Have you installed below parameter with S-TAP installation?

STAP_FIREWALL_INSTALLED - 1

Have you verified that the blocking is working?
Check the regular expression you use in the redact policy and let us know.

Thanks,
Panendar Rao.C

------------------------------
PHANENDRA RAO CHAVANA
------------------------------

Original Message:
Sent: Mon June 27, 2022 05:05 PM
From: ajay rawat
Subject: Redact action is not working .

Hi all,

I WANT to mask the  column "Card" content data type  NVARCHAR2(150) of credit card number whenever any user other then sys user try to capture the data of perticular column. It is oracle 19 os aix 7.2
I have created  extrusion rule with redact action.

------------------------------
ajay rawat
------------------------------

Hi,
Yes,STAP_FIREWALL_INSTALLED - 1 is enable. I have tested the sample in  regex simulation it showing pass (green). 
In access policy when i am configuring the action S-GATE terminate it is working fine.
In extrustion rule when am setting full LOG FULL DETAILS action i am able to see the hit are comming for that rule. Whenever i execute command but when i am setting  S-TAP TERMINATE action  it is not working. 



------------------------------
ajay rawat
------------------------------

Original Message:
Sent: Tue June 28, 2022 12:48 AM
From: PHANENDRA RAO CHAVANA
Subject: Redact action is not working .

Hi Ajay,

Have you installed below parameter with S-TAP installation?

STAP_FIREWALL_INSTALLED - 1

Have you verified that the blocking is working?
Check the regular expression you use in the redact policy and let us know.

Thanks,
Panendar Rao.C

------------------------------
PHANENDRA RAO CHAVANA

Original Message:
Sent: Mon June 27, 2022 05:05 PM
From: ajay rawat
Subject: Redact action is not working .

Hi all,

I WANT to mask the  column "Card" content data type  NVARCHAR2(150) of credit card number whenever any user other then sys user try to capture the data of perticular column. It is oracle 19 os aix 7.2
I have created  extrusion rule with redact action.

------------------------------
ajay rawat
------------------------------

Hi Ajay Rawat,

In the Extrusion Rule, Rule actions should be (Redact) for masking the data not S-TAP Terminate.

Thanks,
Panendar Rao.C

------------------------------
PHANENDRA RAO CHAVANA
------------------------------

Original Message:
Sent: Wed June 29, 2022 01:34 AM
From: ajay rawat
Subject: Redact action is not working .

Hi,
Yes,STAP_FIREWALL_INSTALLED - 1 is enable. I have tested the sample in  regex simulation it showing pass (green). 
In access policy when i am configuring the action S-GATE terminate it is working fine.
In extrustion rule when am setting full LOG FULL DETAILS action i am able to see the hit are comming for that rule. Whenever i execute command but when i am setting  S-TAP TERMINATE action  it is not working. 



------------------------------
ajay rawat

Original Message:
Sent: Tue June 28, 2022 12:48 AM
From: PHANENDRA RAO CHAVANA
Subject: Redact action is not working .

Hi Ajay,

Have you installed below parameter with S-TAP installation?

STAP_FIREWALL_INSTALLED - 1

Have you verified that the blocking is working?
Check the regular expression you use in the redact policy and let us know.

Thanks,
Panendar Rao.C

------------------------------
PHANENDRA RAO CHAVANA

Original Message:
Sent: Mon June 27, 2022 05:05 PM
From: ajay rawat
Subject: Redact action is not working .

Hi all,

I WANT to mask the  column "Card" content data type  NVARCHAR2(150) of credit card number whenever any user other then sys user try to capture the data of perticular column. It is oracle 19 os aix 7.2
I have created  extrusion rule with redact action.

------------------------------
ajay rawat
------------------------------

Hi,

As per your last mail, For testing purspose i had kept S-tap Terminate action, but it is not working. After setting Rule actions as Redact still it is not working.
Kindly let us know we have to make given rule in session or access level. Also let us know if any other setting required. 

Thanks,
.......AR

------------------------------
ajay rawat
------------------------------

Original Message:
Sent: Thu June 30, 2022 12:41 AM
From: PHANENDRA RAO CHAVANA
Subject: Redact action is not working .

Hi Ajay Rawat,

In the Extrusion Rule, Rule actions should be (Redact) for masking the data not S-TAP Terminate.

Thanks,
Panendar Rao.C

------------------------------
PHANENDRA RAO CHAVANA

Original Message:
Sent: Wed June 29, 2022 01:34 AM
From: ajay rawat
Subject: Redact action is not working .

Hi,
Yes,STAP_FIREWALL_INSTALLED - 1 is enable. I have tested the sample in  regex simulation it showing pass (green). 
In access policy when i am configuring the action S-GATE terminate it is working fine.
In extrustion rule when am setting full LOG FULL DETAILS action i am able to see the hit are comming for that rule. Whenever i execute command but when i am setting  S-TAP TERMINATE action  it is not working. 



------------------------------
ajay rawat

Original Message:
Sent: Tue June 28, 2022 12:48 AM
From: PHANENDRA RAO CHAVANA
Subject: Redact action is not working .

Hi Ajay,

Have you installed below parameter with S-TAP installation?

STAP_FIREWALL_INSTALLED - 1

Have you verified that the blocking is working?
Check the regular expression you use in the redact policy and let us know.

Thanks,
Panendar Rao.C

------------------------------
PHANENDRA RAO CHAVANA

Original Message:
Sent: Mon June 27, 2022 05:05 PM
From: ajay rawat
Subject: Redact action is not working .

Hi all,

I WANT to mask the  column "Card" content data type  NVARCHAR2(150) of credit card number whenever any user other then sys user try to capture the data of perticular column. It is oracle 19 os aix 7.2
I have created  extrusion rule with redact action.

------------------------------
ajay rawat
------------------------------

Hey,
I would love to know if you managed to mask the data?
If so, I would like to understand how it worked out and what necessary actions you performed?

Thanks,

Ariel 

------------------------------
Ariel Oz
------------------------------

Original Message:
Sent: Fri July 01, 2022 04:23 PM
From: ajay rawat
Subject: Redact action is not working .

Hi,

As per your last mail, For testing purspose i had kept S-tap Terminate action, but it is not working. After setting Rule actions as Redact still it is not working.
Kindly let us know we have to make given rule in session or access level. Also let us know if any other setting required. 

Thanks,
.......AR

------------------------------
ajay rawat

Original Message:
Sent: Thu June 30, 2022 12:41 AM
From: PHANENDRA RAO CHAVANA
Subject: Redact action is not working .

Hi Ajay Rawat,

In the Extrusion Rule, Rule actions should be (Redact) for masking the data not S-TAP Terminate.

Thanks,
Panendar Rao.C

------------------------------
PHANENDRA RAO CHAVANA

Original Message:
Sent: Wed June 29, 2022 01:34 AM
From: ajay rawat
Subject: Redact action is not working .

Hi,
Yes,STAP_FIREWALL_INSTALLED - 1 is enable. I have tested the sample in  regex simulation it showing pass (green). 
In access policy when i am configuring the action S-GATE terminate it is working fine.
In extrustion rule when am setting full LOG FULL DETAILS action i am able to see the hit are comming for that rule. Whenever i execute command but when i am setting  S-TAP TERMINATE action  it is not working. 



------------------------------
ajay rawat

Original Message:
Sent: Tue June 28, 2022 12:48 AM
From: PHANENDRA RAO CHAVANA
Subject: Redact action is not working .

Hi Ajay,

Have you installed below parameter with S-TAP installation?

STAP_FIREWALL_INSTALLED - 1

Have you verified that the blocking is working?
Check the regular expression you use in the redact policy and let us know.

Thanks,
Panendar Rao.C

------------------------------
PHANENDRA RAO CHAVANA

Original Message:
Sent: Mon June 27, 2022 05:05 PM
From: ajay rawat
Subject: Redact action is not working .

Hi all,

I WANT to mask the  column "Card" content data type  NVARCHAR2(150) of credit card number whenever any user other then sys user try to capture the data of perticular column. It is oracle 19 os aix 7.2
I have created  extrusion rule with redact action.

------------------------------
ajay rawat
------------------------------

Hi Ajay,

I manage to Redact data in my environment (after many days of looking for a solution) unfortunately there is no official guide\documentation provided by IBM :(.

What i have done is:

1. Installing firewall for Linux S-tap (default state 2)

2. Enabling Inspect Returned Data on the Collector and Restarting Inspection Engines.

3. The solution was eventually found by creating the correct Data Pattern in the Extrusion Rule.

I used this template ([0-9]{4})[0-9]{2} to create corresponding Regex for my masking needs, found it here:

https://www.ibm.com/support/pages/ibm-security-guardium-redact-action-does-not-work-regular-expressions-include-curly-braces-y-when-applied-database-servers-microsoft-windows

Also you may find what you need in this guide in the Data Pattern section:

https://www.ibm.com/docs/en/guardium/11.4?topic=actions-rule-definition-fields

Hope it helps.

Regards,

Roman.

------------------------------
Roman Streshinsky
------------------------------

Original Message:
Sent: Mon June 27, 2022 05:05 PM
From: ajay rawat
Subject: Redact action is not working .

Hi all,

I WANT to mask the  column "Card" content data type  NVARCHAR2(150) of credit card number whenever any user other then sys user try to capture the data of perticular column. It is oracle 19 os aix 7.2
I have created  extrusion rule with redact action.

------------------------------
ajay rawat
------------------------------