IBM Support

Guardium sniffer patches 12.0p4009 and 11.0p4081 might inaccurately capture session information for Oracle native encryption, and Oracle SSL connections on a Guardium appliance with A-TAP enabled on a database server

News


Abstract

Upgrading or installing IBM Guardium Data Protection sniffer patches 12.0p4009 or 11.0p4081 might cause session information to be logged inaccurately on a Guardium appliance for the encrypted sessions where Application TAP (A-TAP) is configured specifically for Oracle native encryption, and Oracle SSL connections.

Content

Due to recent changes, customers who deployed Guardium sniffer patches 12.0p4009 or 11.0p4081 and enabled Application TAP (A-TAP) to capture encrypted databases might experience inaccuracy in Guardium reports with session information. This event is triggered specifically with A-TAP enabled specifically for Oracle native encryption, and Oracle SSL connections. 

Remediation

The IBM Guardium team is modifying the Guardium sniffer to properly handle incoming connections with A-TAP activated. If you are preparing to deploy Guardium sniffer patches 12.0p4009 or 11.0p4081, and have encryption enabled on your database, you are advised to wait until the new version of the Guardium sniffer with the remediation is released on the IBM Fix Central website.

The Guardium sniffer patches 12.0p4011 and 11.0p4082, which address the issue describedf in this alert, are planned for release to the Fix Central website on 9 July 2025. This date is tentative and might change. 

[{"Type":"MASTER","Line of Business":{"code":"LOB76","label":"Data Platform"},"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSMPHH","label":"IBM Security Guardium"},"ARM Category":[{"code":"a8m0z000000Gp0JAAS","label":"APPLIANCE"}],"ARM Case Number":"","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"11.5.0;12.0.0;12.1.0"}]

Document Information

Modified date:
03 July 2025

UID

ibm17237539

Page Feedback