Windows: S-TAP user's guide

Guardium S-TAP is a lightweight software agent installed on database servers and file servers. The information collected by the S-TAPs is the basis of all Guardium traffic reports, alerts, visualizations, etc.

For data activity monitoring, the S-TAP monitors activity between the client and the database and forwards that information to the Guardium collector. The database traffic is logged into the collector based on criteria specified in the security policy. It is also possible to reduce the amount of traffic that is originally sent to the collector by ignoring trusted connections or ignoring traffic from specific IPs.

For file activity monitoring, unlike data activity, the policy rules are pushed down to the file server and thus only data that is specified in the security policy is forwarded to the collector.