Release Notes
Abstract
This technical note provides guidance for installing IBM Guardium Data Protection Windows Agents 12.0.0.295, including any new features or enhancements, resolved or known issues, or notices associated with the patch.
Content
Patch information
| Product: | IBM Guardium |
|---|---|
| Release version: | Guardium 12.0 Windows GIM |
| Completion date: | 14 April 2025 |
Fix IDs
|
Guardium_12.0.0.295_GIM_Windows
|
Finding the patch
- Select the following options to download this patch on the IBM Fix Central website and click Continue.
- Product selector: IBM Security Guardium
- Installed Version: 12.0
- Platform: Windows
- On the "Identify fixes" page, select Browse for fixes and click Continue.
- On the "Select fixes" page, select Database Agent (STAP, GIM and CAS). Then, enter the patch information in the Filter fix details field to locate the patch.
Deprecated support and functionality
Microsoft Windows Server 2012 and 2012 R2
Windows Server 2012 and 2012 R2 reached end of support by Microsoft on 10 October 2023 and no longer receive security updates. For this reason, as of 31 March 2024, Guardium no longer maintains support for these operating systems. For more information, see IBM Guardium support discontinuance notification for Microsoft Windows Server version 2012 and 2012 R2.
Windows Server 2012 and 2012 R2 reached end of support by Microsoft on 10 October 2023 and no longer receive security updates. For this reason, as of 31 March 2024, Guardium no longer maintains support for these operating systems. For more information, see IBM Guardium support discontinuance notification for Microsoft Windows Server version 2012 and 2012 R2.
Microsoft SQL Server 2012
Guardium no longer supports Microsoft SQL Server 2012 as of 12 July 2022. For more information, see IBM Guardium support discontinuance notification for Microsoft SQL Server version 2008 and 2012.
New support and functionality
Microsoft Windows Server 2025
Support added for Windows Server 2025.
New features and enhancements
Restricting traffic base on IE process name
S-TAP can now filter for Transmission Control Protocol (TCP) traffic directed to the database server processes specified in the inspection engines to reduce traffic noise. The following parameters were added to control this new functionality.
WFP_PROCESS_RESOLVE_MODE
Description: This parameter dictates how S-TAP handles traffic from non-SQL Server sources on SQL Server ports.
Description: This parameter dictates how S-TAP handles traffic from non-SQL Server sources on SQL Server ports.
Default value: 0
Possible values:
0 - Traffic from non-SQL Server programs using SQL Server ports is sent to the S-TAP and the collector.
Possible values:
0 - Traffic from non-SQL Server programs using SQL Server ports is sent to the S-TAP and the collector.
1 - Traffic from non-SQL Server programs using SQL Server ports is ignored.
2 - Traffic from non-SQL Server programs using SQL Server ports is passed if it reaches one of the two resolve limits, otherwise it is ignored.
WFP_PROCESS_RESOLVE_LIMIT
Description: This is the limit in KB of how much traffic is buffered per connection while attempting to resolve the server process name. If the limit is reached, traffic is either dropped or passed depending on the mode.
Default value: 2048
Value range: 1 - 20480
Default value: 2048
Value range: 1 - 20480
WFP_PROCESS_RESOLVE_TOTAL_LIMIT
Description: This is the limit in MB of how much traffic is buffered system-wide while attempting to resolve server process.
Description: This is the limit in MB of how much traffic is buffered system-wide while attempting to resolve server process.
These new parameters can be modified by using Windows GIM 12.0.0.295 or later.
Known issues and workarounds
|
Issue key
|
Description
|
|---|---|
|
GRD-95623
|
Allowing database sessions to make progress when all collectors are down
In protocol 8, when in a situation where all collectors for a S-TAP are down, and the firewall or query rewrite is active, S-TAP must immediately pass packets to keep database sessions active if the default verdict is pass, or drop sessions if the default verdict is Drop. The following parameter was added for S-TAP to allow database sessions to make progress when all collectors down. Note: You must manually add the VERDICT_RESUME_DELAY parameter to Guard_Tap.ini.
VERDICT_RESUME_DELAY
Description: This parameter allows database sessions to make progress when all collectors down. The value is the number of seconds the S-TAP will delay sending verdict requests to the collector after a failover. During this time, S-TAP acknowledges the verdicts locally. After the time period expires, the S-TAP resumes sending verdict requests to the collector.
Default value: 30
Value range: 0-300
|
Resolved issues
Guardium Windows GIM 12.0.0.295
|
Patch
|
Issue key | Summary | Known issue (APAR) |
|---|---|---|---|
|
12.0.0.259
|
See release note for Windows GIM 12.0.0.259
|
||
|
12.0.0.295
|
GRD-97203
|
Removed openssl.exe binary version 1.1.1.17 subject to CVE-2023-0286 vulnerability.
|
DT435454
|
Guardium Windows GUC 12.0.0.259
No changes were made to Guardium Windows GUC 12.0.0.259 since Guardium Windows GUC 12.0.0.140 (see release note). If Guardium Windows GUC 12.0.0.140 is currently installed, upgrading to Guardium Windows GUC 12.0.0.259 is optional.
Installers with MD5Sums
| MD5Sum | File name |
|---|---|
| 375e2dba0542a3593513a19a5f39e478 | GIM-Installer-12.0_r120000295_1.zip |
| c438dc456f46c9b35c8e85bd144ec453 | guard-GIM-12.0_r120000295_1-x86_x64.gim |
| e63d8ab38731f49fc08b2c7a68e691ed | guard-GIM-guardium_12.0_r120000295_1-Windows-Server-Windows-x86_x64.exe.signed |
| 9dcc19581af239363bce72b43f352ff5 | guard-GIM_transitional-12.0_r120000295_1-x86_x64.gim |
| 2f9829d62d1f87a5af9cbab02c5b52dc | guard-GUC-12.0_r120000259_1-x86_x64.gim |
| bbcdcb079fd47e51861a21e731d0cca4 | guard-GUC-guardium_12.0_r120000259_1-Windows-Server-Windows-x86_x64.exe.signed |
| 302b1d0dfd69df382312cdfcdab6124d | Guardium_12.0.0.295_GIM_Windows.zip |
Related Guardium updates
- Guardium Data Protection Windows FAM for NAS 12.0.0.293 (see release note)
- Guardium Data Protection Windows FAM for SP 12.0.0.293 (see release note)
[{"Type":"MASTER","Line of Business":{"code":"LOB76","label":"Data Platform"},"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSMPHH","label":"IBM Security Guardium"},"ARM Category":[{"code":"a8m0z000000Gp0TAAS","label":"GIM"},{"code":"a8m3p000000PCTuAAO","label":"Platform\/Installation\/Deployment"}],"ARM Case Number":"","Platform":[{"code":"PF033","label":"Windows"}],"Version":"12.0.0"}]
Was this topic helpful?
Document Information
Modified date:
20 May 2025
UID
ibm17230303