This document summarizes the recommended hardware and supported databases and operating system platforms for IBM® InfoSphere® Guardium® v9.0/9.1.
The Guardium products related to the specifications are: Database Activity Monitor; Advanced Compliance Workflow Automation; Enterprise Integrator; Vulnerability Assessment (VA), Entitlement Reports, Data-Level Access Control; and, Central Manager and Aggregator.
Guardium’s cross-platform solution is ideal for heterogeneous environments because it supports all major DBMS data sources and protocols running on all major operating systems.
This table shows all data sources and versions currently supported in v9.0/9.1.
|Data source||Supported Versions|
|Oracle (including ASO/SSL)||9i, 10g (r1, r2), 11gR1, 11gR2, 12c (12c Restrictions: Monitoring support for Windows, Linux, Solaris only. No support for SSL encryption. ASO support available only on Linux and Solaris.)|
|Oracle RAC (including ASO/SSL)||10g, 11g, 11gR2, 12c (12c Restrictions: Monitoring support for Windows, Linux, Solaris only. No support for SSL encryption. ASO support available only on Linux and Solaris.)|
|Oracle Exadata (including ASO/SSL)||11gR2, 12c (12c: Vulnerability Assessment only)|
|Microsoft SQL Server||MS SQL Cluster, 2000, 2005, 2008, 2008 R2, 2012, 2014|
|Microsoft SharePoint||2007, 2010|
|IBM DB2 (Linux, UNIX)||9.1, 9.5, 9.7, 10.1, 10.5 (including BLU acceleration)|
|IBM DB2 (Windows)||9.1, 9.5, 9.7, 10.1, 10.5|
|IBM DB2 Purescale||9.8, 10.1, 10.5|
|IBM PureData System for Transactions|
|IBM PureData System for Operational Analytics|
|IBM PureData Systems for Analytics|
|IBM DB2 for z/OS||8, 9, 10, 11, 11.3|
|IBM DB2 for i||6.1, 7.1|
|IMS||11, 12. 13|
|VSAM||see OS version support, part of z/OS (not separately versioned)|
|IBM Informix||10, 11, 11.50, 11.70, 12|
|Sun MySQL and MySQL Cluster||5.0, 5.1, 5.5, 5.6|
|Sybase ASE||15, 15.5, 15.7|
|Sybase IQ||15.0, 15.1, 15.2, 15.3, 15.4, 16|
|IBM Netezza||NPS 4.5, 4.6, 4.6.8, 5,0, 6.0, 6.02, 7.0|
|PostgreSQL||8, 9, 9.1, 9.2|
|Teradata||12, 13, 13.10, 14, 14.10, 15|
|IBM InfoSphere BigInsights||1.4, 2.0, 2.1|
|Cloudera||CDH3 Update 2, 3, 4
|Greenplum DB||4.0, 4.1, 4.2|
|MongoDB||2.0, 2.2, 2.4|
|Window File Share (WFS)||Windows 2003, 2008|
Unique in the industry, S-TAPs are lightweight software probes that monitor both network and local database protocols (shared memory, named pipes, etc.) at the OS level of the database server. S-TAPs minimize any effect on server performance by relaying all traffic to separate Guardium appliances for real-time analysis and reporting, rather than relying on the database itself to process and store log data. S-TAPs are often preferred because they eliminate the need for dedicated hardware appliances in remote locations or available SPAN ports in your data center.
This table shows all OS platforms and versions for which S-TAPs are currently available.
|OS Type||Version||32-Bit & 64-Bit|
|AIX||5.3||Both (Note: DB2 SHM and Informix SHM on 32-bit AIX not supported)|
|z/OS||1.11 or higher|
|HP-UX||11.11, 11.23, 11.31||Both|
|Red Hat Enterprise Linux (includes
|4, 5, 6||Both|
|Red Hat Enterprise Linux for System z||5.4|
|SuSE Enterprise Linux||9, 10, 11||Both|
|SuSE Enterprise Linux for System z||9, 10, 11|
|Solaris - SPARC||9, 10, 11||Both|
|Solaris - Intel||10, 11||10-Both, 11-64-Bit only|
|Windows Server||2003, 2008, 2012||Both|
|IBM i||6.1, 7.1|
|Ubuntu||10.4 (SP3 & 4), 12.4||PostgreSQL only|
* Supports network activity monitoring, local activity via Enterprise Integrator
Guardium is available as a hardware or software offering, ensuring the solution can be easily deployed in a wide variety of environments. As a hardware offering, the solution is delivered with licensed software fully loaded and tested on a physical appliance provided by IBM (hardware appliance), When delivered as a software offering, the solution is delivered as software images ready to be deployed by the user on their own hardware (software appliance), either directly or as virtual appliances. While the software images can be installed on any VMware product, the VMware ESX server is the recommended platform for a virtual solution. VMware only is supported by Guardium.
The following table summarizes major hardware requirements for software appliances. The Guardium solution is designed to work on i86 Intel-based or AMD-based platforms (for example, i686, x86_64). Only platforms and hardware that are officially supported by RedHat Linux 5. (32-bit or 64-bit) can be used as Guardium platforms, however, not all officially supported RedHat Linux 5.8 platforms can be used. Platforms that require additional drivers or specialized post-install configuration are not supported at this time.
Recommended Resources per software/virtual appliance
|Physical CPUs||4-16 cores||x86 (Intel-based or AMD-based) processors required|
|Virtual CPUs||Minimum 4 vCPUs|
8 GB (min) to 16 GB (max)
With quick search enabled, it is recommended to use 16 GB
16 GB (min) to motherboard max
With quick search enabled, it is recommended to use 24 GB
|With quick search enabled, more RAM than minimum recommended for better experience using this function.|
1 Gbit per second card recommended
|1-4||Each port can be an actual NIC, or a virtual switch that can be configured to use multiple NICs, optionally with failover IP teaming.
Optional: The third port may also be configured to team with the primary interface in order to provide failover IP teaming. Alternatively, the last port on the device may be configured as a secondary management interface with a different IP, NETMASK and GW from the primary.
When using Inspection Engines to capture traffic (not
|Disk Size||300 GB to <2 TB||Using RAID is recommended.
RAID-0, RAID-1, RAID 0+1, RAID 1+0 are supported.
Note: Larger disks may hold more audit records for longer periods of time, but are more likely to impact performance.
At least 9 GB of free disk space on the /var partition is required.
|Disk Speed||7200 RPM to 15,000 RPM||With 7200 RPM, scale back the sizing ratio by 70%|
InfoSphere Guardium identifies potential fraud by tracking activities of end-users who access critical tables via multi-tier enterprise applications rather than direct access to the database. This is especially important for applications that use connection pooling where all user traffic is aggregated within a few database connections, thereby masking the identity of end-users.
Guardium offers out-of-the-box support for the major off-the-shelf enterprise applications (see table below), and provides built-in tools to configure and add end-user identification for niche application and home-grown applications. Note: for most applications, some basic configuration is needed, to tailor the solution to your environment.
|Supported Enterprise Applications||Supported Application Server Platforms
(for other enterprise & custom developed applications)
|Oracle E-Business Suite||IBM WebSphere|
|Siebel||Oracle Application Server (AS)|
|SAP||JBoss Enterprise Application Platform|
|Cognos||+ Others based on customer demand|
|Business Objects Web Intelligence|
|+ Others based on customer demand|