Release notes - Guardium Insights Version 3.2.8

IBM® Guardium® Insights is a hybrid cloud data security hub that helps you improve visibility into user data activity and risk. Guardium Insights helps you protect data more efficiently, enhance information technology flexibility, and reduce operational costs as you embrace new business paradigms (such as moving data to the cloud). Guardium Insights helps reduce the cost and complexity related to collecting, managing, and retaining data security and compliance data. It provides new analytics to enhance threat investigations - and it provides quick reporting functionality (including pre-built reports). Risk scoring and alerting in Guardium Insights help you prioritize your activities.

IBM Guardium Insights is a powerful tool that can help you secure your data. Simple to use, Guardium Insights allows you to set up connections to your data sources.

Guardium Insights provides tools to help you analyze data:

  • Outlier mining: Detecting anomalies in activities and exceptions.
  • Risk events: Identifying assets at risk using broad data points.
  • Reports: Dive into the raw data for deep investigation.

Contents

Download Guardium Insights v3.2.8

Guardium Insights V3.2.8 can be downloaded as an archive file (2.2.8.tar.gz) from: https://github.com/IBM/cloud-pak/tree/master/repo/case/ibm-guardium-insights

You can install only the products for which your site is entitled.

For further instructions, read the README.md file located after unzipping the latest tar file.

The Quick Start Guide for this offering is available at Passport Advantage (https://www.ibm.com/software/passportadvantage) (search for Part Number “M07QWML”).

Install Guardium Insights v3.2.8

Before installing Guardium Insights, review the system requirements: System requirements and prerequisites

This offering is deployed as a new installation of Guardium Insights – or as an in-place upgrade. Please follow these instructions:

Important:
  • Due to a Db2® limitation, Guardium Insights does not support OpenShift® Data Foundation (ODF) Version 4.12.x as a storage class. If you plan on using ODF as a storage class, you must use Version 4.11.
  • When installing Guardium Insights, IBM Cloud Pak® foundational services Version 3.19.12 is not supported. Please use the latest version instead.
  • Support for Red Hat® OpenShift Container Platform Version 4.8.x is deprecated. Guardium Insights supports OpenShift Container Platform Version 4.10.x and 4.12.x.
Note: As of Version 3.2.8, Guardium Insights adds a technical preview of managing multiple tenants through APIs.

Guardium Insights v3.2.x release notes

Bug and security fixes in Guardium Insights v3.2.8

Table 1. Bug fixes
Issue key Description
INS-28766 Guardium Insights fails to install from a macOS terminal.

Workaround: Run the script from a Red Hat Enterprise Linux® terminal, or ssh into the cluster and then run the air gap process from the terminal of the cluster.
INS-28841 Db2 version update does not allow a restore from previous version.

Workaround: Perform a full backup after upgrade is complete. If you have not performed a full backup and have an incremental backup scheduled, a full backup of Db2 will be automatically performed instead of the scheduled incremental backup.
INS-31035 The cloudctl case launch uninstall operator command is missing an extra argument to remove the updated Db2 standalone version.

This results in the uninstallation failing when you use this command.
INS-30697 Guardium Insights backup fails due to pod issues.
INS-32845 When using the universal connector, a redis ping test error appears in the pod logs.

Security fixes

Table 2. Security fixes
Issue key Vulnerability ID
INS-32740 CVE-2022-25883
INS-31432
INS-30921 CVE-2023-2968
INS-30638 CVE-2022-45688
INS-30636 CVE-2023-29400
INS-30428 CVE-2023-2251
INS-29314
INS-28961 CVE-2023-24532
INS-28241

Known limitations and workarounds for Guardium Insights v3.2.8

This patch of Guardium Insights carries forward the known limitations and workarounds from Guardium Insights Version 3.2. You can find the list of limitations in the release notes for that version.

In addition, this patch includes these known limitations:

Table 3. Known limitations and workarounds for Guardium Insights v3.2.8

Known limitations and workarounds for Guardium Insights v3.2.8
Issue key Description
INS-25447 Cannot restore a backup of Guardium Insights Version 3.2.0 to Version 3.2.x.

Workaround: Restore the backup to Version 3.2.0 and then upgrade Guardium Insights from Version 3.2.0 to 3.2.x.
INS-28227 During an upgrade of Guardium Insights, data ingestion should be halted or kept to a minimum. This is due to a change in the Db2 operator.
INS-29331 In rare cases, there are Db2 errors for services such as the reports and risk services. These may prevent report execution or risk event generation. When this occurs, these errors are seen in the logs for the related service:
SQLCODE=-1803, SQLSTATE=57056, SQLERRMC=NULLID.SYSSN200 0X5359534C564C3031, DRIVER=4.26.14
SQLCODE=-901, SQLSTATE=58004, SQLERRMC=Plan/Environment mismatch!, DRIVER=4.26.14

Workaround: See Db2 errors for reports and risk services.
INS-33089 Due to a Db2 limitation, Guardium Insights does not support OpenShift Data Foundation (ODF) Version 4.12.x as a storage class.

Workaround: If you plan on using ODF as a storage class, you must use Version 4.11.

Resources

IBM Guardium Insights documentation: http://ibm.com/docs/SSWSZ5_3.2.x/

System requirements: http://ibm.com/docs/SSWSZ5_3.2.x/sys_req.html

IBM Security Learning Academy: https://www.securitylearningacademy.com

Draft comment: jcalder@ca.ibm.com
Did not include these bug fixes:
Draft comment: jcalder@ca.ibm.com
Did not include these secruity fixes: