IBM Security Guardium S-TAP for Db2 on z/OS architecture and components
The IBM Security Guardium S-TAP for Db2 SQL Collector Agent collects data from an audited Db2® subsystem in accordance with the filtering policies you set with the Guardium system.
The IBM Security Guardium S-TAP for Db2 collector agent runs as a started task and is responsible for the collection of audit data in an IBM Security Guardium S-TAP for Db2 environment. As shown in the following diagram, SQL collector data is filtered and sent to the Guardium system, enabling you to view reports on your workstation.
Guardium Appliance SystemThe Guardium system can gather, and report on, information from multiple agents running on multiple z/OS systems. The Guardium system:
- Provides the user interface, which processes requests and displays the resulting information.
- Enables you to create filtering policies, which specify the types of data to be collected by the agent.
- Stores the collected data.
Guardium Appliance System and S-TAP Collector Agent communication
The Guardium system and the IBM Security Guardium S-TAP for Db2 agent communicate by using a TCP/IP connection. The filtering policies that you create instruct the agent about the data to collect, such as which jobs and data sets to monitor for data accesses.
- Collecting Db2 audit data based on the policy settings.
- Enabling activities to be blocked.
- Streaming collected event activity to the Guardium system.
With the Guardium system installed, configured, and running in your environment, you can test your connection from the z/OS platform to the Guardium system by configuring and running the IBM Security Guardium S-TAP for Db2 sample library member, ADHTCPD. Consult your network security team to review the results and confirm that connection from the z/OS platform to the Guardium system is available.