Release notes - Guardium Insights Version 3.2.12

IBM Security Guardium Insights is a hybrid cloud data security hub that helps you improve visibility into user data activity and risk. Guardium Insights helps you protect data more efficiently, enhance information technology flexibility, and reduce operational costs as you embrace new business paradigms (such as moving data to the cloud). Guardium Insights helps reduce the cost and complexity related to collecting, managing, and retaining data security and compliance data. It provides new analytics to enhance threat investigations - and it provides quick reporting functionality (including pre-built reports). Risk scoring and alerting in Guardium Insights help you prioritize your activities.

IBM Security Guardium Insights is a powerful tool that can help you secure your data. Simple to use, Guardium Insights allows you to set up connections to your data sources.

Guardium Insights provides tools to help you analyze data:

  • Outlier mining: Detecting anomalies in activities and exceptions.
  • Risk events: Identifying assets at risk using broad data points.
  • Reports: Dive into the raw data for deep investigation.

Download Guardium Insights v3.2.12

Guardium Insights V3.2.12 can be downloaded as an archive file (2.2.12.tar.gz) from: https://github.com/IBM/cloud-pak/tree/master/repo/case/ibm-guardium-insights

You can install only the products for which your site is entitled.

For further instructions, read the README.md file located after unzipping the latest tar file.

The Quick Start Guide for this offering is available at Passport Advantage (https://www.ibm.com/software/passportadvantage) (search for Part Number “M07QWML”).

Install Guardium Insights v3.2.12

Before installing Guardium Insights, review the system requirements: System requirements and prerequisites

This offering is deployed as a new installation of Guardium Insights – or as an in-place upgrade. Please follow these instructions:

Important:
  • Installation commands changed in Guardium Insights 3.2.9 and later. See the Setting up IBM Security Guardium Insights documentation for the new procedures.
  • Due to a Db2® limitation, Guardium Insights does not support OpenShift® Data Foundation (ODF) Version 4.12.x as a storage class. If you plan on using ODF as a storage class, you must use Version 4.11. If you receive an email indicating that you are using an incompatible version of ODF, you can safely ignore the message and continue to use the cluster.
  • When installing Guardium Insights, IBM Cloud Pak foundational services Version 3.19.12 and 3.19.17 are not supported. Please use the latest version instead.
  • Support for Red Hat® OpenShift Container Platform Version 4.8.x is deprecated. Guardium Insights supports OpenShift Container Platform Version 4.10.x and 4.12.x.

Guardium Insights v3.2.x release notes

Bug and security fixes in Guardium Insights v3.2.12

Table 1. Bug fixes
Issue key Description
INS-36022 The ingestion of data marts of type Overflow was resulting in SQLExecute ingestion errors.
INS-27203 When configuring an AWS Postgres universal connector, log errors indicated that the AWS access key ID and AWS secret access were required, even when a Role ARN was provided.

Security fixes

Table 2. Security fixes
Issue key Vulnerability ID
INS-36198 CVE-2023-5072
INS-36141 CVE-2023-46233
INS-35723 CVE-2023-43804
INS-35635 CVE-2023-45133
INS-35632 CVE-2023-5072

Known limitations and workarounds for Guardium Insights v3.2.12

This patch of Guardium Insights carries forward the known limitations and workarounds from Guardium Insights Version 3.2. You can find the list of limitations in the release notes for that version.

In addition, this patch includes these known limitations:

Table 3. Known limitations and workarounds for Guardium Insights v3.2.12
Issue key Description
INS-25447 Cannot restore a backup of Guardium Insights Version 3.2.0 to Version 3.2.x.

Workaround: Restore the backup to Version 3.2.0 and then upgrade Guardium Insights from Version 3.2.0 to 3.2.x.

INS-28227 During an upgrade of Guardium Insights, data ingestion should be halted or kept to a minimum. This is due to a change in the Db2 operator.
INS-29331 In rare cases, there are Db2 errors for services such as the reports and risk services. These may prevent report execution or risk event generation. When this occurs, these errors are seen in the logs for the related service:
SQLCODE=-1803, SQLSTATE=57056, SQLERRMC=NULLID.SYSSN200 0X5359534C564C3031, DRIVER=4.26.14
SQLCODE=-901, SQLSTATE=58004, SQLERRMC=Plan/Environment mismatch!, DRIVER=4.26.14

Workaround: See Db2 errors for reports and risk services.

INS-33089 Due to a Db2 limitation, Guardium Insights does not support OpenShift Data Foundation (ODF) Version 4.12.x as a storage class.

Workaround: If you plan on using ODF as a storage class, you must use Version 4.11. If you receive an email indicating that you are using an incompatible version of ODF, you can safely ignore the message and continue to use the cluster.

INS-34988 In rare cases, it may happen that two tenants are created during Guardium Insights Version 3.2.x installation when only one tenant should be created.

Workaround: To determine if more than one tenant was created during installation, run the get_tenants.sh script:

./get_tenants.sh <hostname> <admin_user_id> <admin_password>
If more than one tenant was created, delete the tenant that was created first. In the below example (after running get_tenants.sh), the tenant with the earlier ActivationDate is incomplete and should be deleted:
[
  { "Name": "Guardium Insights", "UID": "admin", "TenantID": "TNT_EYIHZHPMECWNFMKHWISYTN", "ActivationDate": "2023-09-21T16:00:23Z" },
  { "Name": "Guardium Insights", "UID": "admin", "TenantID": "TNT_EHD3PRDLQ6RIPTHUARTGE8", "ActivationDate": "2023-09-21T16:01:44Z" }
]
After you determine which tenants are invalid and can be removed, delete each invalid tenant using this command:
./delete_tenant.sh <hostname> <admin_user_id> <admin_password> <tenant_id>
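
The selection step of the INS-34988 workaround can be checked mechanically before anything is deleted. The following is an added example, not part of the IBM scripts or documentation: it parses get_tenants.sh output, pairs tenants that share the same Name and UID (an assumption based on the sample above), and returns the TenantID with the earlier ActivationDate. Function names are hypothetical, and it only builds the delete_tenant.sh command line with the page's placeholders; it does not run it.

```python
import json
from collections import defaultdict
from datetime import datetime

# Constructed sample: the get_tenants.sh output shown in these release notes.
SAMPLE_OUTPUT = """[
  {"Name": "Guardium Insights", "UID": "admin", "TenantID": "TNT_EYIHZHPMECWNFMKHWISYTN", "ActivationDate": "2023-09-21T16:00:23Z"},
  {"Name": "Guardium Insights", "UID": "admin", "TenantID": "TNT_EHD3PRDLQ6RIPTHUARTGE8", "ActivationDate": "2023-09-21T16:01:44Z"}
]"""


def _activation(tenant):
    # Timestamps are ISO 8601 UTC with a trailing "Z", as in the sample.
    return datetime.strptime(tenant["ActivationDate"], "%Y-%m-%dT%H:%M:%SZ")


def tenants_to_delete(raw_json):
    """Return TenantIDs created first within each duplicated (Name, UID) pair.

    Assumption: duplicates from INS-34988 share Name and UID. Anything the
    release notes do not cover raises so that an operator reviews it by hand.
    """
    groups = defaultdict(list)
    for tenant in json.loads(raw_json):
        groups[(tenant["Name"], tenant["UID"])].append(tenant)

    stale = []
    for members in groups.values():
        if len(members) > 2:
            # The workaround describes two tenants only; do not guess.
            raise ValueError("more than two tenants share a Name/UID")
        members.sort(key=_activation)
        if len(members) == 2 and _activation(members[0]) == _activation(members[1]):
            # Identical timestamps: "created first" is ambiguous.
            raise ValueError("duplicate tenants share an ActivationDate")
        stale.extend(m["TenantID"] for m in members[:-1])
    return stale


def delete_commands(raw_json):
    # Command text only; hostname and credentials stay as placeholders.
    return [
        f"./delete_tenant.sh <hostname> <admin_user_id> <admin_password> {tid}"
        for tid in tenants_to_delete(raw_json)
    ]


if __name__ == "__main__":
    for cmd in delete_commands(SAMPLE_OUTPUT):
        print(cmd)
```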

Resources

IBM Security Guardium Insights documentation: http://ibm.com/docs/SSWSZ5_3.2.x/

System requirements: System requirements and prerequisites

IBM Security Learning Academy: https://www.securitylearningacademy.com