Follow by Email

Tuesday, November 15, 2016

An Apparent Guardium V10 GUI Bug that Prevents Configuration of Domain Authentication for MS SQL Server - And It's Workaround

by John Haldeman, Enterprise Architect

Today someone on our team ran into an issue with connecting to a MS SQL Server database using a domain authenticated user. It was the second time this happened to us, so I thought I would write a blog post in case someone else encounters it. You might already be familiar with the special considerations for making SQL Server domain authenticated connections in order to set up things like entitlement reports and vulnerability assessments. Specifically, you need the jTDS driver and some special configuration as outlined in this support document:
              https://www-01.ibm.com/support/docview.wss?uid=swg21675924

The problem is that we've encountered what looks like a bug in Guardium V10's GUI that prevents connection properties from being saved. This is with V10 GPU 125 applied. I think it's likely it affects all current V10 versions, but can't be sure. What that means is that the "domain=<your domain>" instructions listed at the end of the support document don't seem to work. When you test the connection, you'll get failed login errors and when you exit and try and edit the datasource again you might find that the domain parameter that you enter disappears - it looks like it isn't being applied to the datasource definition.

Wednesday, October 5, 2016

How Do SonarG and Information Insights Solve Common Infrastructure Optimization Issues for your Existing Guardium Deployments?

Partnering for Even More Secure Enterprise Data Infrastructure


Earlier this year, Information Insights announced a partnership with jSonar, enhancing data security capabilities with the SonarG solution for further optimizing Guardium environments. Led by Ron Ben Natan, former CTO/founder of Guardium, this additional layer of protection takes advantage of next-generation Big Data technology to enhance and expand the platform’s resources in a number of key areas.

Since that announcement, I’ve met with many of jSonar’s Guardium clients to discuss SonarG, receiving feedback on our approach, along with insight into current challenges and goals for expanding the functionality and value that they get from Guardium. 

We were quickly able to pinpoint the source of SonarG’s enthusiastic adoption - it provides a powerful set of capabilities that perfectly complement the challenges and goals that the majority of Guardium deployments are facing.

Over the next few weeks, we will outline the findings from these conversations to address common concerns from customers, along with insight into how these are solved via SonarG – focusing on three major areas of enterprise data management: infrastructure optimization, improving data access and enabling security analytics.

Monday, August 1, 2016

Information Insights Expands Data Security Capabilities


                                               

Information Insights Expands Data Security Capabilities with BTRG Practice Group Acquisition

Through the recent acquisition of the Data Security/ Governance Practice of The Business & Technology Resource Group (BTRG)), Information Insights strengthens the delivery capacity and competency of their Nationally-Recognized Data Security Practice.

August 1, 2016 (Atlanta, GA) – Information Insights, LLC, an IBM Premier Business Partner, is pleased to announce their recent acquisition of BTRG’s Information Governance Practice. BTRG is a leading industry partner, known for providing comprehensive security strategies and data masking.

“The addition of BTRG’s proven Data Security and Information Governance team to our group expands our ability to deliver data security solutions to an expanding client base, in a time when data security is a critical issue for all enterprises. At the same time, the complementary nature of the teams allows Information Insights to maintain a tight focus on delivering excellence in our core competencies and enhances our Guardium Managed Services capability,” said Bill Crawford, Information Insights’ President. “Additional Data Security capabilities let us be very responsive to our clients and our partners. Adding the BTRG team allows us to quickly bring talented resources to bear on time sensitive initiatives, like securing enterprise data assets.”

Information Insights helps clients improve their security posture through robust data security, privacy and encryption strategies and solutions. By joining BTRG with their team, Information Insights increases the delivery capacity and tools at their disposal to help clients advance their data security programs, while at the same time addressing key business challenges around privacy, compliance and scalability.
To learn more about how Information Insights safeguards enterprise data through activity monitoring, encryption and masking of critical IT assets, visit them online at www.infoinsightsllc.com.
____________________________________________________________________________
About Information Insights
Information Insights, LLC, North America’s only Gold Accredited Guardium Partner, is a software solutions provider focused on helping companies improve enterprise data management. With domain expertise in the areas of data security, data privacy and data lifecycle management, Information Insights has the skills and experience required to help clients drive cost reduction and risk mitigation in their enterprise application portfolios.


Friday, April 29, 2016

Don't Ignore More Than You Expect - Notes On Whitelisting Objects in Policies

by John Haldeman, Enterprise Architect

We had a customer using DB2/z that was receiving a lot of events from SYSIBM.SYSDUMMY1. So, they wanted to implement a rule as shown in Figure 1:
Figure 1: Policy Rule to SKIP LOGGING on SYSIBM.SYSDUMMY1 - Click to Enlarge
This seemingly simple and innocuous rule has some unintended consequences. That's what this blog post is all about.

Wednesday, April 20, 2016

Why Outlier Detection Won't Save You

by John Haldeman, Enterprise Architect

Now that it's been out for awhile, I feel like it's time for some hard truths on Guardium Outlier Detection. Before I get into some of it's limitations, I want say that it does indeed work, and it is indeed useful and powerful. This post is meant to serve as a healthy discussion on the practical problems of using it. To be clear, I would rather use the function than not - ie: it provides more value than what it costs to deal with the issues below.

Tuesday, February 2, 2016

Information Insights and jSonar Partner to Optimize IBM Guardium Database Security Solutions

Newly announced partnership combines the experience and knowledge of Information Insights with the SonarG Big Data Platform from jSonar to enable IBM Guardium clients to more fully leverage their Guardium systems while reducing costs and complexity.

February 2, 2016 (Atlanta, GA) – Information Insights, LLC, an IBM Premier Business Partner, is pleased to announce their partnership with jSonar, an industry-leading Big Data technology provider with a deep technical understanding of the IBM Guardium Database Security architecture. The combination of these strengths will enable IBM Guardium customers to accelerate and expand upon the compliance and security benefits of the IBM Guardium system via the next generation SonarG Big Data solution.

Information Insights helps clients improve their security posture through robust data security, privacy and encryption strategies and solutions. By delivering SonarG, Information Insights continues to expand upon the tools at their disposal to help clients advance their data governance programs, while at the same time addressing key business challenges around cost of ownership and scalability.
“Partnering with jSonar to help bring SonarG to market represents a critical opportunity for Information Insights and our Guardium clients,” said Bill Crawford, Information Insights CEO. “jSonar is collaborating with Information Insights and IBM to modernize Guardium implementations and enable clients to realize even greater benefit and value from their Guardium investment.”

"Information Insights has a long and very successful track record in enabling customer success with IBM Guardium DAM," said Ron BenNatan, jSonar Founder, "and we are excited about the opportunity to join forces to help clients optimize their use of IBM Guardium."
SonarG was developed by key technologists from the original Guardium engineering team and merges that knowledge with their next generation Big Data warehousing technology. The resulting solution is specifically built for optimizing Guardium data aggregation, infrastructure and storage, enabling clients to simplify their deployment, extend their data collection and retention policies to a year or longer, while also providing improved access to database activity data for reporting and security analytics.
Information Insights, North America’s only Gold Accredited Guardium Partner, and jSonar will be available to offer further insight into this advanced solution at IBM’s 2016 InterConnect Conference, being held February 21-25, in Las Vegas, Nevada.
____________________________________________________________________________

About Information Insights 
Information Insights, LLC, an IBM Premier Business Partner, is a software solutions provider focused on helping companies improve enterprise data management. With domain expertise in the areas of data security, data privacy and data lifecycle management. Info Insights has the skills and experience required to help clients drive cost reduction and risk mitigation in their enterprise application portfolios.


About jSonar
jSonar is a VC-based company headquartered in Boston, MA, founded by serial entrepreneurs and industry veterans with expertise in the areas of databases, Big Data and Guardium. Their core focus is making Big Data work more easily and efficiently for enterprises. An emphasis on unique technology translates into better experiences and better outcomes for their customers.


Monday, September 7, 2015

Building an LDAP/AD Group Membership Report in Guardium

 by John Haldeman, Practice Lead


Guardium Entitlement Reports are a useful feature that help you determine what privileges have been assigned in your databases. It's primary value is in helping you create standardized reporting for entitlements based on the database catalog information in each database without you having to create custom scripts.

This being said, that's all Guardium does - query the database catalogs of the databases you register and shows you that information. Certain database types, MS SQL Server for instance, may obscure who the end user that has a certain privilege is because the database catalog just has a listing for the groups assigned, not the users in those groups. An example is show in figure 1. A role for a MS SQL Server database is shown to be assigned to a WINDOWS_GROUP. Invariably, the next question becomes: who is in that Windows group, and can I see that information in the same report set and environment I am getting delivered to me anyway rather than having to look up the information in my corporate directory server separately.

Figure 1: A Guardium Entitlement Report showing a role assigned to two groups: TESTDIR\testgroup1 and TESTDIR\testgroup2 - Who are the users in those groups?

Building a report on that group membership is what this post is all about. You should be warned though: Guardium is not very good at this. In this post you will see mechanisms to try and help make this happen but keep in mind that these mechanisms were not originally designed to fulfill this specific use case. So, it may start to feel a little awkward in making this happen.