5737-H30 IBM Security Guardium Data Protection 11.4

IBM United States Sales Manual
Revised: September 14, 2021


Table of contents
Product life cycle datesProduct life cycle datesOperating environmentOperating environment
Program numberProgram numberPlanning informationPlanning information
AbstractAbstractPublicationsPublications
HighlightsHighlightsSecurity, auditability, and controlSecurity, auditability, and control
DescriptionDescription


Product life cycle dates

Top rule

Program Number VRM Announced Available Marketing Withdrawn Service Discontinued
5737-H30 11.04.00 2021-09-14 2021-09-17 - -
5737-H30 11.03.00 2020-10-20 2020-12-07 - -
5737-H30 11.02.00 2020-05-05 2020-06-12 2022-09-16 2022-09-30
5737-H30 11.00.00 2019-05-21 2019-06-21 2022-09-16 2022-09-30
5737-H30 10.06.00 2018-10-23 2018-12-11 - -
5737-H30 10.05.00 2018-04-10 2018-04-27 - -
5737-H31 11.03.00 2020-10-20 2020-12-07 - -
5737-H31 11.02.00 2020-05-05 2020-05-05 2022-09-16 2022-09-30
5737-H31 11.00.00 2019-05-21 2019-06-21 2022-09-16 2022-09-30
5737-H31 10.06.00 2018-10-23 2018-12-11 - -
5737-H31 10.05.00 2018-04-10 2018-04-27 - -


Back to topBack to top

Program number

Top rule

  • IBM Security Guardium Data Protection for NAS 11.4.0 (5737-H30)
  • IBM Security Guardium Data Protection for SharePoint 11.4.0 (5737-H31)


Back to topBack to top

Abstract

Top rule

IBM Security Guardium Data Protection helps organizations protect their sensitive data, wherever it resides. It helps promote zero trust principles to tackle key security initiatives, such as addressing data privacy, insider threat, and cloud security. With its data activity monitoring, real-time alerting, actionable data threat insights, and automated compliance workflows, Security Guardium Data Protection makes it easier for organizations to protect their data and evolve their data security program as they modernize their IT landscape.

IBM Security Guardium 11.4:

With Security Guardium Data Protection 11.4, organizations experience smarter alerting, greater usability, and broader data source support. Benefits of Security Guardium Data Protection:

  • Real-time trust evaluation and alerting of potentially untrustworthy user connections to data sources to provide additional context and to promote zero trust security
  • Real-time sensitive object identification in response data of monitored data sources that matches predefined regular expressions for enhanced visibility and to better understand overall risk level
  • HashiCorp Vault integration to streamline connections to data sources and enable cloud-native security automation
  • Support for Remote Authentication Dial-In User Service (RADIUS) integration for secure user access (two-factor authentication) to data sources
  • Continued enhancements and support across data protection capabilities:
  • Enhancements to increase usability:
  • Improvements to the "to-do list" to let users select, sign, and comment on multiple audit processes
  • Additional capabilities to customize and create tables, and bring in external data for reports, such as IBM Db2 for z/OS SQL data
  • Option to compare classification results from separate runs of the same classification process
  • Custom table builder support for data source groups to upload data
  • Simplified deployment experience for external S-TAPs
  • Automatic S-TAP reallocation to facilitate enterprise load balancing needs
  • Support for Simple Network Management Protocol (SNMP) v3
  • Improvements to manage user accounts and streamline authentication workflow while using smart card technology
  • More effective asset management for IBM Security Guardium Vulnerability Assessment with new user-defined dynamic fields and groups for easier sorting of databases
  • Security test synchronization for Security Guardium Vulnerability Assessment to ease the manual effort required to manage and update tests per data source, and test results normalization for easier analysis
  • Enhancements to S-TAPs and External S-TAPs with query rewrite support for Oracle 12c and Oracle 19c to enable data masking and redaction
  • Support for monitoring of AWS RDS for Oracle using Database Streams
  • New Universal Connector (UC) plugins for monitoring Hadoop Distributed File System, AWS RDS for Postgre SQL, and other data sources in an agentless way. Note: support for these UC plugis is not release dependent, UC plugins are supported with Guardium Data Protection 11.3.
  • Support for data classification of Microsoft Azure SQL Server, Microsoft Azure SQL Database, and Microsoft Azure SQL Data Warehouse
  • Support for entitlement reporting of Cassandra, Neo4j and Microsoft Azure SQL Database
  • Vulnerability Assessments support for Neo4j and Amazon Redshift

IBM Security Guardium 11.3:

  • Adds IBM Security Verify integration to support Amazon Web Services (AWS) Secrets Manager
  • Includes expanded scope and features of the Unified Health and Deployment Dashboard to help users understand S-TAP health in a single easy-to-use user interface
  • Added Policy Optimization and Rationalization - with Tagging, making it easier to create and define policies for data privacy regulations
  • Added support of IBM Security Orchestration, Automation and Response capabilities within IBM Cloud Pak for Security for case management integration
  • Integrates with IBM Cloud Pak for Security
  • Delivers expanded classification capabilities to support MongoDB
  • Added support of archive and backup on Azure, in addition to AWS
  • Includes new and enhanced Security Guardium APIs
  • Includes support for Couchbase database in IBM Security Guardium Vulnerability Assessment

IBM Security Guardium 11.2 offers new features, configurations, and database support that help security teams detect and remediate threats more easily, while eliminating costly, high- risk, and fragmented approaches to data security and compliance.

Enhanced IBM Security Guardium Data Protection for Databases 11.2

IBM Security Guardium Data Protection for Databases 11.2 provides expanded support for a wider range of database services to facilitate secure hybrid cloud data protection, including:

  • Amazon S3, AWS DynamoDB, and Elasticsearch
  • IBM Cloud (PostgreSQL, MySQL, and MongoDB)
  • External S-TAP support for IBM Cloud Pak for Data
  • Visibility in the cloud marketplace: Amazon Web Services, Microsoft Azure, Oracle Cloud, Google Cloud Platform, and IBM Cloud
  • S-TAP support for Debian

New features and capabilities include:

  • Simplified health and deployment views
  • Automated reconciliation process to identify databases that are not protected by Guardium
  • Enhanced support for threat analytics use cases with Risk Spotter and Active Threat Analytics
  • Integration with third-party ServiceNow CMDB infrastructure management tool
  • Integration with DUO for two-factor authentication
  • Integration with LDAP/AD for enriched reporting
  • Integration with Resilient platform for cyber incident management

IBM Security Guardium Vulnerability Assessment 11.2

IBM Security Guardium Vulnerability Assessment 11.2 adds support for the most recent and improved vulnerabilities scanning Common Vulnerabilities and Exposures (CVE) test, Security Technical Implementation Guides (STIGs), and Center for Internet Security (CIS) Benchmark updates. Enhancements include:

  • Test enhancements for SAP HANA 2.0, Microsoft SQL Server 2019, Informix 14.1, Db2 11.5, and Cloudera 6.x
  • New support for Azure SQL Database

IBM Security Guardium Data Protection 11.0

The Guardium Data Protection solution offers an optimized Guardium Data Protection bundle in one product under a convenient pricing model. The Guardium Data Protection 11.0 solution offers capabilities to actively monitor and report on activities monitoring using a combination of policy-driven rules and machine learning algorithms. It also allows to proactively take actions such as blocking and redaction. The bundle also offers built-in aggregation and central management capabilities that are offered with the central management and aggregation products to effectively manage the overall deployment and centralized visibility through a single pane of glass. The solution integrates with business partner-developed or client- developed extensions through IBM Security Guardium AppExchange.

The Guardium Data Protection suite of solutions provides customizable data protection capabilities for the following data source types:

  • IBM Security Guardium Data Protection for Databases
  • IBM Security Guardium Data Protection for Data Warehouses
  • IBM Security Guardium Data Protection for Big Data
  • IBM Security Guardium Data Protection for Files
  • IBM Security Guardium Data Protection for z/OS

IBM Security Guardium Data Protection for Databases 11.0

  • Expanding support for support for database services to facilitate secure hybrid cloud data protection for:
    • Container-based database services: MongoDB, MySQL, PostgreSQL
    • Amazon RDS: MariaDB, MySQL, PostgreSQL, Oracle, SQL server
    • IBM Cloud: DB2, DB2 Warehouse on Cloud
    • MS Azure DBPaaS: SQL Server, SQL DW
    • Visibility in cloud marketplace (AWS, Azure, Oracle, Google, IBM Cloud)
  • New support for Couchbase and Neo4J
  • Simplification including:
    • New Welcome page with relevant documentation and 'see it in action' videos
    • Policy Analyzer to evaluate the effectiveness and performance of installed policies
    • CyberArk integration for credential management
    • Guided and instructive approach to achieving compliance monitoring with Smart Assistant
    • Ability to group data sources
  • New support for standard threat analytics use case with Risk Spotter and Active Threat Analytics

IBM Security Guardium Vulnerability Assessment 11.0

The enhanced Guardium Vulnerability Assessment solution offers an improved vulnerabilities scanning test for Oracle 18c, PostgreSQL V10 and V11, and Cassandra.

IBM Security Guardium Data Protection for SharePoint, 11.0

  • Unified policy management across file systems
  • New reports

IBM Security Guardium Data Protection for NAS, 11.0

  • Unified policy management across file systems
  • New reports

IBM Security Guardium Big Data Intelligence 4.0

  • Automated, unsupervised profiling of inbound activity flow
  • Prebuilt engines to persistently evaluate all profiles for anomalies
  • Leverages multiyear data and high performance to minimize false positives
  • Customizable UEBA engines, interfaces for R/SciKit, Python, Spark, and so on
  • Noise reduction functions for SIEM optimization


Back to topBack to top

Highlights

Top rule

IBM Security Guardium is a robust data protection platform that can help eliminate costly, high-risk, and fragmented approaches to data security and compliance. The solution supports business-critical needs, such as detection of active threat vectors and compliance requirements. It is a solution that can grow with your organization as your data protection needs change by offering the additional modules that you require.



Back to topBack to top

Description

Top rule

Security Guardium Data Protection secures your data, wherever it resides, with a modern, adaptive, intelligent and connected solution. With Security Guardium Data Protection, organizations gain visibility and enforce consistent security policies across hybrid multicloud environments to help secure their data, and with additional context and integration support, helps align with zero trust principles. Security Guardium Data Protection powers workflows for automated compliance, real-time alerting and response, and advanced analytics to prioritize threats. Security Guardium Data Protection helps to address increasingly complex data security and privacy regulations, while helping to prevent threats and risky users in their tracks.

Security Guardium Data Protection makes it easier for organizations to protect sensitive data and IT infrastructure as they change and grow. It can help protect on-premises and cloud data sources, while reducing costs. Security Guardium Data Protection can quickly assess and harden the highest risk areas and vulnerabilities. It can easily integrate with existing tools to accelerate an incident response and streamline compliance.

Highlights of Security Guardium Data Protection:

  • Protects structured and unstructured data, whether on-premises or cloud data sources, with agent-based and agentless monitoring
  • Identifies sensitive data and assesses data security and privacy risk through classification, data activity monitoring, advanced analytics, and vulnerability assessments
  • Provides detailed threat and user insights through at-a-glance risk views with click-through and drill-down features to investigate further
  • Accelerates compliance auditing and reporting through prebuilt templates, quick starts, and automated reporting workflows
  • Streamlines responses to threats with the ability to block access and redact data in real time, open tickets efficiently, and share insights with other security tools and teams

Security Guardium Data Protection provides the following suite of solutions, including components and modules:

  • IBM Security Guardium Appliances
  • IBM Security Guardium Data Security and Compliance

Security Guardium Data Protection is a suite of solutions that provide customizable data protection capabilities for various data source types as identified below:

  • IBM Security Guardium Data Protection for Databases
  • IBM Security Guardium Data Protection for Data Warehouses
  • IBM Security Guardium Data Protection for Database Services
  • IBM Security Guardium Data Protection for SAP HANA
  • IBM Security Guardium Data Protection for Big Data
  • Security Guardium Data Protection for Files
  • IBM Security Guardium Data Protection for z/OS
  • Security Guardium Data Protection for NAS
  • Security Guardium Data Protection for SharePoint
  • Security Guardium Data Protection
  • Security Guardium Vulnerability Assessment
  • IBM Security Guardium Standard and Advanced Activity Monitor
  • IBM Security Guardium Central Management and Aggregation Pack
  • IBM Security Guardium Data Protection for Files
  • IBM Security Guardium Data Protection for NAS
  • IBM Security Guardium Data Protection for SharePoint

Section 508 of the US Rehabilitation Act

IBM makes no representation about the Section 508 status of the third-party electronic and information technology product in this offering. Contact the vendor for specific, current information on the Section 508 status of this product.



Back to topBack to top

Operating environment

Top rule

Software requirements

For information about software and system requirements for Guardium products, see the System Requirements/Platforms Supported for IBM Guard ium 11.0 website.



Back to topBack to top

Planning information

Top rule

Customer responsibilities

The customer is responsible for evaluation, selection, and implementation of security features, administrative procedures, and appropriate controls in application systems and communication facilities.



Back to topBack to top

Publications

Top rule

None.



Back to topBack to top

Security, auditability, and control

Top rule

IBM Security Guardium products are installed as a hardened Linux appliance (physical or virtual). The appliance includes various security, audit, and compliance functions to help ensure the availability of the solution, confidentiality of the data stored on the appliance, and accountability for any configuration changes.



Back to topBack to top

Trademarks

Top rule

(R), (TM), * Trademark or registered trademark of International Business Machines Corporation.

** Company, product, or service name may be a trademark or service mark of others.

Terms of use

IBM products and services which are announced and available in your country can be ordered under the applicable standard agreements, terms, conditions, and prices in effect at the time. IBM reserves the right to modify or withdraw this Sales Manual at any time without notice. This Sales Manual is provided for your information only. Additional terms of use are located at

Terms of use


© IBM Corporation 2021.