Release Notes
Abstract
This technical note provides guidance for installing IBM Guardium Data Protection Windows Agents 12.1.23.230, including any new features or enhancements, resolved or known issues, or notices associated with the patch.
Content
Patch information
| Product: | IBM Guardium |
|---|---|
| Release version: | Guardium 12.1 Windows Software TAP (S-TAP) |
| Completion date: | 2 September 2025 |
Fix IDs
Guardium_12.1.23.230_S-TAP_Windows |
Finding the patch
- Select the following options to download this patch on the IBM Fix Central website and click Continue.
- Product selector: IBM Security Guardium
- Installed Version: 12.1
- Platform: Windows
- On the "Identify fixes" page, select Browse for fixes and click Continue.
- On the "Select fixes" page, select Database Agent (STAP, GIM and CAS). Then, enter the patch information in the Filter fix details field to locate the patch.
Notes
- A fresh install of Guardium 12.1 does not require a reboot.
- IBM strongly recommends that you do not use the following builds as they contain instabilities that can lead to system failure. Uninstall these builds and reboot before you install S-TAP 12.1. For all other builds, you can upgrade as usual.
- 11.4.0.168 through 11.4.0.204
- 11.3.0.257 through 11.3.0.287
Attention
Database instance stop and server reboot required for patch upgrade
When you upgrade to Windows S-TAP 12.1.23.230, you must reboot the database server to update the NmpProxy driver. To successfully install this patch, you must complete the following steps:
- Stop all database instances.
- Upgrade Windows S-TAP to version 12.1.23.230.
- Reboot your database server immediately after you upgrade Windows S-TAP.
- Start your database instances.
Deprecated support and functionality
Microsoft Windows Server 2012 and 2012 R2
Windows Server 2012 and 2012 R2 reached end of support by Microsoft on 10 October 2023 and no longer receive security updates. For this reason, as of 31 March 2024, Guardium no longer maintains support for these operating systems. For more information, see IBM Guardium support discontinuance notification for Microsoft Windows Server version 2012 and 2012 R2.
Windows Server 2012 and 2012 R2 reached end of support by Microsoft on 10 October 2023 and no longer receive security updates. For this reason, as of 31 March 2024, Guardium no longer maintains support for these operating systems. For more information, see IBM Guardium support discontinuance notification for Microsoft Windows Server version 2012 and 2012 R2.
Microsoft SQL Server 2012
Guardium no longer supports Microsoft SQL Server 2012 as of 12 July 2022. For more information, see IBM Guardium support discontinuance notification for Microsoft SQL Server version 2008 and 2012.
New support and functionality
Microsoft Windows Server 2025
Support added for Windows Server 2025.
Support added for Windows Server 2025.
New features and enhancements
Restricting traffic base on IE process name
S-TAP can now filter for Transmission Control Protocol (TCP) traffic directed to the database server processes specified in the inspection engines to reduce traffic noise. The following parameters were added to control this new functionality.
WFP_PROCESS_RESOLVE_MODE
Description: This parameter dictates how S-TAP handles traffic from non-SQL Server sources on SQL Server ports.
Description: This parameter dictates how S-TAP handles traffic from non-SQL Server sources on SQL Server ports.
Default value: 0
Possible values:
0 - Traffic from non-SQL Server programs using SQL Server ports is sent to the S-TAP and the collector.
Possible values:
0 - Traffic from non-SQL Server programs using SQL Server ports is sent to the S-TAP and the collector.
1 - Traffic from non-SQL Server programs using SQL Server ports is ignored.
2 - Traffic from non-SQL Server programs using SQL Server ports is passed if it reaches one of the two resolve limits, otherwise it is ignored.
WFP_PROCESS_RESOLVE_LIMIT
Description: This is the limit in KB of how much traffic is buffered per connection while attempting to resolve the server process name. If the limit is reached, traffic is either dropped or passed depending on the mode.
Default value: 2048
Value range: 1 - 20480
Default value: 2048
Value range: 1 - 20480
WFP_PROCESS_RESOLVE_TOTAL_LIMIT
Description: This is the limit in MB of how much traffic is buffered system-wide while attempting to resolve server process.
Description: This is the limit in MB of how much traffic is buffered system-wide while attempting to resolve server process.
These new parameters can be modified by using Windows GIM 12.1.0.162 or later (see release note).
Allowing database sessions to make progress when all collectors are down
In protocol 8, when in a situation where all collectors for a S-TAP are down, and the firewall or query rewrite is active, S-TAP must immediately pass packets to keep database sessions active if the default verdict is pass, or drop sessions if the default verdict is Drop. The following parameter was added for S-TAP to allow database sessions to make progress when all collectors down.
VERDICT_RESUME_DELAY
Description: This parameter allows database sessions to make progress when all collectors down. The value is the number of seconds the S-TAP will delay sending verdict requests to the collector after a failover. During this time, S-TAP acknowledges the verdicts locally. After the time period expires, the S-TAP resumes sending verdict requests to the collector.
Default value: 30
Value range: 0-300
Description: This parameter allows database sessions to make progress when all collectors down. The value is the number of seconds the S-TAP will delay sending verdict requests to the collector after a failover. During this time, S-TAP acknowledges the verdicts locally. After the time period expires, the S-TAP resumes sending verdict requests to the collector.
Default value: 30
Value range: 0-300
Known issues and workarounds
Issue key | Description |
|---|---|
GRD-103444 GRD-104151 | If you are using IBM Db2 and install this patch, you might generate a dump file when you stop your Db2 database. |
GRD-103801 | S-TAP protocol 7 causes an operating system crash while running moderate traffic. Workaround: After you upgrade your S-TAP version, reboot the database server to pick up the nmp driver changes. |
Resolved issues
Patch | Issue key | Summary | Known issue (APAR) |
|---|---|---|---|
12.1.0.112 | See release note for Windows S-TAP 12.1.0.112 | ||
12.1.23.230 | GRD-82303 | Access to shared data structures were synchronized, and data items that were allocated and retained during session execution were deallocated when the session ended. | DT419137 |
GRD-85678 | Added GUARDIUM_CA_PATH and SQLGUARD_CERT_CN parameters to guard_tap.ini and GIM setup by client. | DT416618 | |
| GRD-88033 | Added separate event handles to notify S-TAP when 64-bit and 32-bit database processes start. | DT416655 | |
| GRD-88200 | Fixed an instability in Microsoft SQL Server instance due to the Correlator Proxy dynamic-link library (DLL). You must reboot the database server to update the Correlator Proxy DLL. | DT398828 | |
| GRD-89175 | Fixed session correlation and Kerberos delivery timeouts. | DT438267 | |
| GRD-89330 | Added check for out-of-bound memory violations when reading and writing the failoverinfo.dtx file, containing session failover information. | DT416535 | |
| GRD-89466 | Prevent S-TAP instability by ignoring empty traffic messages. | DT417031 | |
GRD-91681 | Fixed possible failures with capturing TCP traffic in S-TAP | DT421661 | |
GRD-92152 | Fixed S-TAP service instability at startup. | DT426016 | |
GRD-92349 | Fixed an issue related to possible termination of sessions when Firewall S-Gate is enabled. | DT426053 | |
GRD-94302 | Fixed instability in Microsoft SQL Server caused by Correlator DLL of Windows S-TAP. | DT437922 | |
GRD-97837 | Vulnerable OpenSSL binaries are deleted from Windows S-TAP installation. | ||
GRD-99833 GRD-99842 | Fixed Microsoft SQL Server instability caused by S-TAP related to correlator software, which is triggered when using multiple active result sets (MARS) on encrypted database connections. For more information, see Guardium Windows S-TAP 12.1.0.162, 12.0.0.293, and 11.5.0.437 might cause Microsoft SQL Server instability when using MARS on an encrypted database connection. | DT438501 | |
GRD-101002 GRD-102219 | Fixed instability in Microsoft SQL Server caused by S-TAP when connecting to Microsoft SQL Server though IP. For more information, see Guardium Windows S-TAP 12.1.0.195, 12.0.1.295, and 11.5.1.437 might cause Microsoft SQL Server instability when using Kerberos authentication. | DT442106 | |
GRD-101025 | Fixed instability in Windows S-TAP caused by data packets exceeding 64K. | DT442121 | |
GRD-101938 | Fixed instability in Windows OS caused by Windows S-TAP WFP driver. For more information, see Guardium Windows S-TAP 12.1 might cause Windows OS server instability with non-database traffic using duplicate IPs and ports. | DT443493 | |
| GRD-103773 | Removed old registry entries after upgrading from Windows S-TAP 9. | ||
GRD-107904 | Fixed instability in Windows OS due to unintended processing of non-database traffic. For more information, see Guardium Windows S-TAP 12.1.19.195, 12.0.1.295, or 11.5.1.437 might cause Windows OS server instability with S-TAP picking non-database traffic. |
Installers with MD5Sums
| MD5Sum | File Name |
|---|---|
db9f2b3743d2fd61ff2e0a4d8a6a0c55 | Windows-STAP-V12.1.23.230.zip |
c108c816a1fb7c15d2d2d67b52a0549e | conf.reload.WINSTAP |
c197794fb7bfd8c2712594f725547c7e | guard-WINSTAP-12.1_r120123230_1-x86_x64.gim |
978a328cb6090b03f0e9e6def9c408d0 | guard-WINSTAP-guardium_12.1_r120123230_1-Windows-Server-Windows-x86_x64.exe.signed |
Related Guardium updates
- Guardium Data Protection Windows GIM 12.1.19.195 (see release note)
- Guardium Data Protection Windows CAS 12.1.0.195 (see release note)
- Guardium Data Protection Windows FAM for NAS 12.1.0.195 (see release note)
- Guardium Data Protection Windows FAM for SharePoint 12.1.0.195 (see release note)
[{"Type":"MASTER","Line of Business":{"code":"LOB76","label":"Data Platform"},"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSMPHH","label":"IBM Security Guardium"},"ARM Category":[{"code":"a8m3p000000PCTuAAO","label":"Platform\/Installation\/Deployment"},{"code":"a8m0z000000Gp0IAAS","label":"STAP"}],"ARM Case Number":"","Platform":[{"code":"PF033","label":"Windows"}],"Version":"12.1.0"}]
Was this topic helpful?
Document Information
Modified date:
30 October 2025
UID
ibm17243505