Release Notes
Abstract
This technical note provides guidance for installing IBM Guardium Data Protection Windows Agents 12.1.0.112, including any new features or enhancements, resolved or known issues, or notices associated with the patch.
Content
Patch information
| Product: | IBM Guardium |
|---|---|
| Release version: | Guardium 12.1 Windows S-TAP |
| Completion date: | 19 September 2024 |
Fix IDs
|
Guardium_12.1.0.112_S-TAP_Windows
|
Finding the patch
This document provides a reference to the contents of this patch. If applicable, the detailed description of each fix and instructions for applying this patch are contained within the download package. The actual package is available for downloading from the IBM Fix Central website at http://www.ibm.com/support/fixcentral/
Make the following selections on Fix Central:
Product selector: IBM Guardium
Installed Version: 12.0
Platform: Windows
Click "Continue", then select "Browse for fixes" and click "Continue" again.
Make the following selections on Fix Central:
Product selector: IBM Guardium
Installed Version: 12.0
Platform: Windows
Click "Continue", then select "Browse for fixes" and click "Continue" again.
When to reboot after installing or upgrading to Guardium 12.1 Windows S-TAP
- A fresh install of Guardium 12.1 does not require a reboot.
- When you upgrade between versions, you must reboot the database server to update the NmpProxy driver. If there are no issues with your current NmpProxy functionality, you can delay the reboot until the next maintenance cycle. No fixes will be applied to the NmpProxy driver until a server reboot is completed.
For more information, see Windows: When to restart or reboot the database server after installing or upgrading S-TAP.
Deprecated support and functionality
Microsoft Windows Server 2012 and 2012 R2
Windows Server 2012 and 2012 R2 reached end of support by Microsoft on 10 October 2023 and no longer receive security updates. For this reason, as of 31 March 2024, Guardium no longer maintains support for these operating systems. For more information, see IBM Guardium support discontinuance notification for Microsoft Windows Server version 2012 and 2012 R2.
Windows Server 2012 and 2012 R2 reached end of support by Microsoft on 10 October 2023 and no longer receive security updates. For this reason, as of 31 March 2024, Guardium no longer maintains support for these operating systems. For more information, see IBM Guardium support discontinuance notification for Microsoft Windows Server version 2012 and 2012 R2.
Microsoft SQL Server 2012
Guardium no longer supports Microsoft SQL Server 2012 as of 12 July 2022. For more information, see IBM Guardium support discontinuance notification for Microsoft SQL Server version 2008 and 2012.
New support and functionality
New database support
- Apache CouchDB 3.3.2
- Elasticsearch 8.10.4
- MariaDB v.11.2.0
- MongoDB 7.0.1
- MySQL 8.3.0
- Neo4j 5.15
- PostgreSQL 16
New features and enhancements
Internal load balancer between S-TAP and Sniffer
The internal load balancer (ILB) assesses data load and helps prevent data loss by proactively forecasting the load on the collector, and by redirecting traffic to another collector to balance the load in near real time.
The internal load balancer (ILB) assesses data load and helps prevent data loss by proactively forecasting the load on the collector, and by redirecting traffic to another collector to balance the load in near real time.
IE size and number
Inspection engines are now limited by number as well as file size.
Inspection engines are now limited by number as well as file size.
Maximum number of IE=50
Maximum file size = 59 KB
Any inspection engine that exceeds these limits is truncated and a message is sent to S-TAP events.
Dynamic S-TAP buffer
The S-TAP buffer and driver memory buffers have improved flexibility to be automatically expanded or reduced based on traffic load, which allows S-TAP to only use the resources needed for the moment. The maximum size of the buffer is configurable to the following system requirements.
| Windows S-TAP 7 | Windows S-TAP 8 |
|---|---|
|
BUFFER_FILE_MAX_SIZE
Sets the maximum buffer size Default value:250 MB Value range: 50 MB -1 GB |
BUFFER_FILE_MAX_SIZE
Sets the maximum S-TAP buffer size Default value:512 MB Value range: 50 MB-32 GB |
|
TCP_LOG_SIZE
Sets the maximum WFP buffer size Default value: 512 MB Value range: 512 MB – 128 GB |
TCP_LOG_SIZE
Sets the maximum WFP buffer size Default value: 512 MB Value range: 512 MB– 128 GB |
|
NPTRC_LOG_SIZE
Sets the maximum NMP buffer size Default value: 512 MB Value range: 512 MB – 128 GB |
NPTRC_LOG_SIZE
Sets the maximum NMP buffer size Default value: 512 MB Value range: 512 MB – 128 GB |
Known limitations and workarounds
| Issue key | Summary |
|---|---|
|
GRD-87745
|
When Global Session Key is enabled on Windows S-TAP v7, query rewrite and firewall stop working. No workaround is available.
|
|
GRD-85979
|
Redaction does not work with Postgres 16 databases. Some patterns are too wide and result in redaction of packet metadata, which corrupts the stream and causes the session to drop. Currently no known workaround.
|
|
GRD-87880
|
Changes to local IPv4 or IPv6 interfaces while Windows S-TAP is running may cause its instability.
|
Resolved issues
| Issue key | Summary | Known issue (APAR) |
|---|---|---|
|
GRD-68423
|
Addresses various causes of missing Microsoft SQL Server DB_USERs in reports.
|
DT249847
|
| GRD-71840 | A new regex option for regular expressions allows you to specify the length of the database column to redact. This feature helps insure that the correct data is scrubbed. For more information, see REDACT - Working with regex on Windows DB servers. | DT249854 |
|
GRD-72932
|
Addresses various causes of garbage DB_USERs in reports.
|
DT249848
|
|
GRD-73574
|
Windows S-TAP library for Db2 might cause IBM Db2 instance crash
|
DT244227
|
| GRD-76256 | Fixed inconsistent raw pointer and shared pointer when failover happens using protocol 7 and PARTICIPATE_IN_LOAD_BALANCING=1. | DT249830 |
| GRD-76337 | Expanded the scope of the redact functionality to incorporate non-printable Unicode. | DT255187 |
| GRD-76964 | Fixed excessive display of Event ID 5156 "The Windows Filtering Platform has permitted a connection" in event viewer when enabling success auditing for Windows Filtering Platform connections. | DT256988 |
|
GRD-77080
|
The database monitor service starts automatically even after setting WSTAP_ENABLED=0
|
DT259533
|
| GRD-77451 | Fixed a potential server instability caused by Correlator.sys | DT259462 |
| GRD-78380 | Fixed an issue where S-TAP service would not start when configured with V8 and IBM Common Inventory Technology (CIT) tool is installed on the server. | DT259582 |
| GRD-80188 | Restored functionality to GIM parameter WINSTAP_ENABLEGAM such that the GAM service is fully disabled when WINSTAP_ENABLEGAM=0. | DT365798 |
| GRD-80264 | Removed the deprecated parameter TCP_ALIVE_MESSAGE from guard_tap.ini | DT395103 |
| GRD-80324 | Improved the installer such that failure on a non-essential step does not abort the installation. | DT378640 |
| GRD-82128 | Added quotation marks around the uninstall path string when the path has spaces included. | DT395053 |
| GRD-83046 | Fixed a server instability caused by the NmpProxy driver. |
DT396544
|
| GRD-84608 | Addressed an S-TAP instability by removing case sensitivity in the DB_TYPE value |
DT395969
|
Installers with MD5Sums
| MD5Sum | File Name |
|---|---|
|
c2c9e115d44a407ce03771968ebc6295
|
Windows-STAP-V12.1.0.112.zip
|
| 24606c20c8537218ba551cfba0311b2a |
conf.reload.WINSTAP
|
|
35bc6ff94ba825efc3d0232c432f1a1e
|
guard-WINSTAP-12.1_r120100112_1-x86_x64.gim
|
|
c6d4fa4dc0d3069781ba0a42b99d1fdd
|
guard-WINSTAP-guardium_12.1_r120100112_1-Windows-Server-Windows-x86_x64.exe.signed
|
Related Guardium updates
- Guardium Data Protection 12.1 (see release notes)
- Guardium Data Protection Windows GIM 12.1.0.112 (see release notes)
- Guardium Data Protection Windows CAS 12.1.0.112 (see release notes)
- Guardium Data Protection Windows FAM for NAS 12.1.0.112 (see release notes)
- Guardium Data Protection Windows FAM for SP 12.1.0.113 (see release notes)
- Guardium Data Protection Windows FAM Monitor 12.1.0.112 (see release notes)
- Guardium Data Protection Windows FDEC for NAS 12.1.0.112 (see release notes)
- Guardium Data Protection Windows FDEC for SP 12.1.0.112 (see release notes)
[{"Type":"MASTER","Line of Business":{"code":"LOB24","label":"Security Software"},"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSMPHH","label":"IBM Security Guardium"},"ARM Category":[{"code":"a8m3p000000PCTuAAO","label":"Platform\/Installation\/Deployment"}],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Versions"}]
Was this topic helpful?
Document Information
Modified date:
30 September 2024
UID
ibm17166710