Sunday, November 17, 2013

Three Basic Reports in Guardium That Always Seem to Be Reused

by John Haldeman, Security Practice Lead

Guardium has extensive reporting capabilities. You can build a variety of reports to view the data in a lot of different ways. That being said, after working with Guardium for some time you may notice that there are a few reports that get reused over and over again as the basis for other reports. The columns in these reports hardly change. Instead the criteria are refined after they are cloned.

I contend that there are really three report definitions in Guardium that can provide the basis for 80% of the reports that customers require. As such, I tend to create those base reports first so that I can reuse their definitions over and over again. If you are starting out in Guardium you might find these useful. If you have three base reports that you know work, you won't have to struggle with building them from scratch, which includes picking the correct main entity for the report and including only fields that make sense.

Tuesday, April 16, 2013

Optim for Legacy (Non-Relational) Application Retirement Middleware Options

by Matthew Simons, ILMG Practice Lead

When you’re helping your customer archive or retire data from mainframe data sources, you’ll need to make some informed choices during the sales process to determine which mix of products will address their needs properly.  This isn’t always as straightforward as it seems, especially when Optim and the Mainframe are involved.
 
When accessing non-relational data on a z/OS platform using Optim Distributed (LUW), you must use a middleware layer on the mainframe to present this "legacy" (VSAM, IMS, SEQ) and non-relational (CA IDMS, CA Datacom) data as a relational data source.  This relational translation is what can be linked to natively supported Optim DBMSs (Oracle and DB2 LUW are the most common).  
 
When selling and implementing Optim, there are two options for this middleware component of the solution:

Tuesday, April 2, 2013

Things You Need to Build Your Own STAP with mongoTap as an Example

by John Haldeman, Security Practice Lead

Late last year Joe DiPietro and his colleagues at IBM wrote two articles providing a detailed explanation of Guardium's Universal Feed (a link to those articles is found later in this post). The Universal Feed allows you to build your own STAPs for data sources that Guardium does not support. I recently built and open sourced a STAP for mongoDB. I want to use this post to talk about some things that you will need in order to build a custom STAP (other than the knowledge of the protocol explained in the Universal Feed articles). I will use the mongoTap as an example for the discussion.



Friday, March 1, 2013

Before/After Value Change Auditing in Guardium

by John Haldeman, Security Practice Lead

 

Overview

A little-known but useful Guardium function is Value Change Auditing. We just had our second customer ask about it, so we thought it was time for a blog post on the subject. This post will explain what Before/After Value Change Auditing is and how to configure it to monitor an Oracle data source. While Oracle is used as an example, the same mechanisms and concepts apply to the other database types that are supported for this function (DB2, Informix, MS SQL Server, Sybase).

Traditionally, when Guardium audits traffic, it monitors the communication stream between the database client and database server. So, you can see the SQL statement executed. For example:
UPDATE CUSTOMER SET CCN = '1234 1234 1234 1234' WHERE NAME = 'John';
The problem is that we know what value CCN is after the update, but cannot easily see what the value of CCN was before this update.

Monday, January 21, 2013

Improving Optim Delete Performance By Looking Up Multiple Keys at Once


Optim delete performance can be enhanced through many different methods (turning off "compare whole row", locking tables, disabling triggers and constraints, ensuring the primary key is indexed, etc.). By far one of the biggest bangs for your Optim buck is asking the database a question one time (can you please find and delete n rows) but having n be a long list of primary key values, rather than just one value. There are two ways to accomplish this multi-key lookup: Array Deletes and Forced Key Lookup.