Installing the GIM client on a Windows server

Learn how to install the GIM client for Windows using either an interactive installer or a silent installation. Instructions are also provided for uninstalling the GIM client.

About this task

The Windows GIM client installer changed to a .NET based installer in v10.1. The installer for the GIM client is based on your GIM client version. Build numbers start from 10.2.30.5.

Port requirements
  • 8445: GIM client listener, both directions. Any GIM server on either the Central Manager or the collector can reach out to the GIM client.
  • 8443: (discovery) on the DB server to allow communication from the DB server to the Guardium appliance, and for uploading features.
  • 8446: Used between the GIM client and the GIM server (on the Central Manager or collector) for authenticated TLS, both directions, custom kernel upload, must gather loggers upload. If GIM_USE_SSL is enabled (default), then the GIM client attempts to communicate its certificate via port 8446. If port 8446 is not open, then it defaults to 8444, but no certificate is passed (for example, TLS without verification).
  • 8081: Used between the GIM client and the GIM server (on the Central Manager or collector) for non-TLS (but with message signing verification), both directions, custom kernel upload, must gather loggers upload. In this scenario, the parameter GIM_USE_SSL must be disabled (=0).

Installing the GIM client using an interactive installer

A wizard is provided to help you install the GIM client on each database server.

About this task

You can specify a custom key, certificate, and CA file when installing the GIM client in both standard mode and in listener mode. See Create and manage custom GIM certificates.

Procedure

  1. Place the GIM client installer on the database server, in any folder.
  2. Run the setup.exe file to start the wizard that installs the GIM client.
    The setup.exe file is located in the GIM-Installer-<version> folder.
  3. Follow and answer the questions in the installation wizard.

What to do next

You can view the results of the installation in the log file at C:\IBM Windows GIM.ctl.

Installing the GIM client using silent installation

If you prefer, you can install the GIM client from the command line instead of using the wizard.

Procedure

  1. Place the GIM client installer on the database server, in any folder.
  2. Open a command prompt and navigate to the GIM_Installer* folder under the folder where you placed the installer.
  3. Enter this command, with no linebreak. setup.exe -UNATTENDED -INSTALLPATH "c:\Program Files(x86)\Guardium Installation Manager" -LOCALIP 10.9.876.543
    Attention:
    • The UNATTENDED and LOCALIP parameters are required. APPLIANCE is optional and if not supplied, triggers Listener Mode. If using parameter AUTO_ASSIGN_IP, the LOCALIP is not required.
    • Omit the APPLIANCE parameter to install the client in GIM listener mode. Listener mode makes the GIM client available for remote registration from a Guardium system. Example of how to install as listener: setup.exe -UNATTENDED -INSTALLPATH C:\program files (x86)\guardium\GIM -LOCALIP 10.9.876.543. For more information, see GIM Remote Activation and Create a GIM Auto-discovery Process.
    • When cloning database servers and establishing large deployments, use auto_assign_ip 1 to allocate a random IP address from one of the valid IP addresses of a database server. Do not specify both auto_assign_ip and localip when installing the GIM client. When updating the GIM_AUTO_SET_CLIENT_IP parameter using Manage > Module Installation > Set up by Client, you must restart the GIM client service for the new setting to take effect.
    Table 1. Parameters applicable to all .NET installers
    GIM parameter Description
    -UNATTENDED Install silently. A value is not required
    -UNINSTALL Uninstall. A value is not required.
    -INSTALLPATH This is the install directory. Default install path is "C:\Program Files (x86)\Guardium\Guardium Installation Manager"
    -CUSTOMER To change customer name
    -COMPANY To change company name
    -SERVICEUSER To specify a user to run the service under
    -SERVICEPASSWORD The password for the user
    Table 2. Parameters specific to GIM .NET installers
    GIM parameter Description
    -APPLIANCE To set the appliance address that GIM connects to. If not specified, GIM installs in Listener Mode.
    -AUTO_ASSIGN_IP When value set to 1, a local IP is automatically assigned and should NOT be specified using -LOCALIP. Default value is 0.
    -CA_FILE To set the CA file to non-default file
    -CERT_FILE To set the certificate file to non-default file
    -KEY_FILE To set the key file to non-default file
    -LISTENER_PORT Set listener port for registration with appliance if not using the -APPLIANCE parameter. Default value is 8445.
    -LOCALIP This is the IP of the server where GIM is being installed.
    -NO_SSL Use SSL to encrypt traffic between the GIM client and the Guardium appliance.
    • 0: no
    • 1: Use SSL to encrypt traffic between the agent and the Guardium system. This adds ~15% of CPU usage to the GIM client.
    Guardium recommends encrypting network traffic between the GIM client and the collector whenever possible: only in cases where the performance is a higher priority than security should this be disabled.
    -SHARED_SECRET To set shared secret for registration with appliance if not specified using -APPLIANCE parameter

What to do next

You can view the results of the installation in the log file at C:\IBM Windows GIM.ctl.

Uninstalling the GIM client

Procedure

  1. Open a command prompt and navigate to the GIM_Installer* folder under the folder where you installed the client.
  2. Enter this command:
     setup.exe -UNINSTALL