IBM Support

Release of Guardium Data Protection Windows GIM v11.4.0.413

Release Notes


Abstract

This technical note provides guidance for installing IBM Security Guardium Data Protection Windows Agents v11.4.0.413, including any new features or enhancements, resolved or known issues, or notices associated with the patch.

Content

Patch information

Product: IBM Security Guardium
Release version: Guardium 11.4 Windows GIM
Completion date: 24 May 2024

Fix IDs

Guardium_11.4.0.413_GIM_Windows
Guardium_11.4.0.388_FAM_Crawler_Windows
Guardium_11.4.0.391_GUC_Windows

Finding the patch

This document provides a reference to the contents of this patch. If applicable, the detailed description of each fix and instructions for applying this patch are contained within the download package. The actual package is available for downloading from the IBM Fix Central website at http://www.ibm.com/support/fixcentral/

Make the following selections on Fix Central:
Product selector:           IBM Security Guardium
Installed Version:          11.0
Platform:                          Windows

Click "Continue", then select "Browse for fixes" and click "Continue" again.

Attention

SHA256 GIM client certificates
After applying patch 11.0p475 or newer, Guardium supports SHA256 GIM certificates. This has the following implications:
  • If using default certificates, GIM connections are secured using SHA128. Custom certificates using SHA256 are more secure and are recommended for GIM connections. 
    Note that GIM connectivity is not interrupted after applying this patch.
  • GIM only verifies bundles signed with SHA256 and requires installing a transitional GIM bundle to support the change from SHA128 to SHA256. 

For more information, see Updating Guardium Data Protection GIM clients with SHA256 certificates.

Guardium GIM default self-signed SHA128 certificate 
The Guardium GIM default self-sign certificates is set to expire May 2024. If the certificates are not renewed by the expiration date, the GIM client-server communication will be affected. Please note that data monitoring activity through STAP will not be disrupted. 
  • To renew GIM server (appliance) certificate install 11.0p1042. 
  • To renew GIM clients (database server agent) certificate, upgrade to v11.4.0.413 or newer.  
Refer to the following Flash alert for more information: https://www.ibm.com/support/pages/node/7115129 

Deprecated support and functionality

Windows Server 2012 and 2012 R2  
Windows Server 2012 and 2012 R2 have reached end of support by Microsoft on October 10, 2023 and will no longer receive security updates. For this reason, as of March 31, 2024, Guardium can no longer maintain support for these operating systems. For more information, please see:  IBM Security Guardium support discontinuance notification for Microsoft Windows Server version 2012 and 2012 R2 

Microsoft SQL Server 2012 
IBM Security Guardium no longer supports Microsoft SQL Server 2012 as of July 12, 2022. For more information, please see: IBM Security Guardium support discontinuance notification for Microsoft SQL Server version 2008 and 2012 

New features and enhancement

Must Gather v3.1
As with previous versions, Must Gather continues to aid customers and support teams in troubleshooting issues by gathering and uploading debugging information. V3.1 adds a parsing option delivered by a new PowerShell script that aggregates important information from many files into a simple summary. For more information, see Must gather for Windows S-TAP and other Windows agents.
 

Configuration of installation log directory 
The installation logs of Windows S-TAP, FAM Monitor, GIM, and CAS, can now be created in a custom folder/drive of your choice when installing using the parameter: 
CLI install: INSTALLERLOGPATH 
Additionally, when upgrading via GIM, the following parameter can be used: 
GIM install: GIM_INSTALLER_LOG_DIR

Universal Connector

The Guardium universal connector provides robust and secured audit trail collection into Guardium for auditing, compliance and protecting. It is used for both on-premise and cloud platforms. It provides a utility for parsing and sends the outcome in a normalized format to the collector. The universal connector does not require an S-TAP. For more information, see Universal connector.

Configuring Filebeat and syslog on MongoDB by using GIM
You can configure the Filebeat and Syslog native log audit on MongoDB data sources by installing the GIM client on the MongoDB and configuring the GIM parameters in the Setup by Client page. For more details, see Configuring Filebeat and syslog on MongoDB by using GIM.

Resolved issues

Guardium Windows GIM v11.4.0.413
Patch Issue Key Summary APAR (Known Issue)
v11.4.0.258 Link to v11.4.0.258 on Fix Central
v11.4.0.316 Link to v11.4.0.316 on Fix Central
v11.4.0.363 Link to v11.4.0.363 on Fix Central
v11.4.0.391 Link to v11.4.0.391 on Fix Central
v11.4.0.413 GRD-79901 SHA1 certificates have been re-introduced within GIM clients. This functionality is useful when installing new clients with SHA1 communication. In addition, if SHA1 certificates were not renewed and the expiry date has passed, user will need to:

1) Install the correct appliance patch with updated certificate for your appliance version. For more information, see https://www.ibm.com/support/pages/node/7115129 
2) Install a GIM client which contains the updated certificate, v11.4.0.413 or newer, directly on database server.
Guardium Windows FAM Crawler v11.4.0.388
Guardium Windows GUC v11.4.0.391
Patch Issue Key Summary APAR (Known Issue)
v11.4.0.182 Link to v11.4.0.316 on Fix Central containing GUC v11.4.0.182
v11.4.0.391 Link to v11.4.0.391 on Fix Central

Installers with MD5Sums

MD5Sum File Name
5ae53a85cae32aa989135af87ebacef6 GIM-Installer-11.4_r110400413_1.zip
e968dbb317d6ba695e031550404ad7a2 guard-GIM-11.4_r114000413_1-x86_x64.gim
541686d1d457ce7e7e09cd05560bc6ce guard-GIM-guardium_11.4_r114000413_1-Windows-Server-Windows-x86_x64.exe.signed
7ae7a7b4469ed09fc3cfb38fddd2dddf guard-GIM_transitional-11.4_r114000413_1-x86_x64.gim
2509b7cfd8e1aa0128b0ef709f30a29e conf.reload.FAM
860e78a56c3b797fc2c27e7a85fae379 guard-FAM-11.4_r114000388_1-x86_x64.gim
16a773bdca40c13eed1ee1a0acc2da3f guard-FAM-guardium_11.4_r114000388_1-Windows-Server-Windows-x86_x64.exe.signed
04b7e9b022877d2228424c25d5170d72 guard-GUC-11.4_r114000391_1-x86_x64.gim
4ec3ec9c2575813683e4eabb538236b3 guard-GUC-guardium_11.4_r114000391_1-Windows-Server-Windows-x86_x64.exe.signed

Resources

Supported Platforms and Databases: 
https://www.ibm.com/support/pages/node/876538 

Supported platforms for files: 
https://www.ibm.com/support/pages/node/6245402 

IBM Security Guardium Data Protection documentation
https://www.ibm.com/docs/en/guardium

[{"Type":"MASTER","Line of Business":{"code":"LOB24","label":"Security Software"},"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSMPHH","label":"IBM Security Guardium"},"ARM Category":[{"code":"a8m3p000000PCTuAAO","label":"Platform\/Installation\/Deployment"}],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Versions"}]

Document Information

Modified date:
24 May 2024

UID

ibm17149204

Page Feedback