Note: Guardium External S-TAP requires a Guardium collector appliance license and works with Guardium versions 10.6 and later.
What is Guardium?
IBM Security Guardium is a comprehensive data protection platform that enables organizations to discover sensitive data, protect data from internal and external threats, and automate compliance. Guardium data protection provides centralized visibility and control across heterogeneous data environments such as databases, data warehouses, big data platforms, file systems and cloud environments to help ensure the integrity of data no matter where it resides.
For more information about Guardium, see IBM Security Guardium.
What is Guardium External S-TAP
Guardium External S-TAP is a Guardium component that can intercept traffic for cloud and on-premises database services without installing an agent on the database server. The External S-TAP component is available as a Docker image and can be deployed in any supported environment.
Depending on the version of Guardium installed, the External-TAP can be manually deployed using scripts or auto-deployed from the Guardium UI using one of the following services:
- Amazon Elastic Container Service for Kubernetes (Amazon EKS)
- IBM Cloud
- Microsoft Azure Kubernetes Service (AKS).
See the list of supported environments for your version of Guardium:
Requirements
To use the External S-TAP feature, your site must meet Guardium licensing and version requirements. In addition, all on-premises or virtual systems on which External S-TAP Docker containers run must meet the following requirements:
- An x86_64 processor.
- Linux kernel version 3.10 or higher (latest is recommended).
- Iptables 1.4 or higher.
- Docker (either Docker CE or Docker EE) 1.12.16 or higher.
- Ability to use UNIX domain sockets.
For Docker, make sure that the installing user has the necessary privileges to create a container across systems.
For more information about installing and using Guardium External S-TAP see the Guardium Knowledge Center:
