Download the Docker container

To deploy a Guardium® External S-TAP® monitor, you first need to download the IBM® Guardium External S-TAP container from the Docker store. Deploy the container onto the machine (real, virtual, or cloud) that serves as the External S-TAP host.

1. If you don't already have one, create an account with Docker at www.docker.com. Creating a Docker account is straightforward (and free).
2. If your site does not provide Docker, install Docker on the External S-TAP host. For more information, see Get Docker.
3. Log in to Docker hub.
4. Browse to ibmcom/guardium_external_stap or search for and select guardium_external_stap in the ibmcom repository.
5. From the guardium_external_stap Docker page, click Tags to find and copy the appropriate docker pull command.
   Note: The container for the latest version of each Guardium release is available from the vx.x.0 tag for that release. For example, for Guardium 11.2, copy docker pull from the v11.2.0 tag.
6. Use the docker pull command to download the Docker container into your environment.
   To deploy to an internal repository: If your Docker host machine does not have access to the internet, create an internal repository on which to store the Docker containers. One method to create an internal repository is to use multiple steps, for example:

   1. Configure a host to run a local (private) docker registry. For more information, see Deploy a registry server.
   2. Take the following steps on a host that where Docker is installed and that can contact both the local Docker registry and hub.docker.com:
      1. Pull the External S-TAP Docker image from Docker hub.
      2. Push the External S-TAP Docker image to the local Docker registry.
   3. After the image is in the local registry, you can deploy the External S-TAP containers on a host that has access to that registry.