What's new in this release

New features, functions, and enhancements.

IBM Security Guardium V11.4

Configure custom properties for your datasource
By configuring custom properties, you can better manage your datasources, organize your workflow, and efficiently accomplish complex processes. For more information, see Configuring custom properties for your datasources.
File transfer without passwords for data archive, data backup, export results, and data marts
The SSH key support provides a new solution for password management for data archive, data backup, export results, and data marts. The Guardium system generates SSH keys specific to the transfer, and propagates them to remote hosts that support SCP connections. At the central manager level, you can generate SSH keys across the deployment and propagate them to remote hosts. For more information, see Enabling SSH key pairs for data archive, data export, data mart, export_transfer_key, and the store system public_transfer_key and store system scp-ssh-key-mode CLI commands.
GIM: Activate GIM listeners after the GIM certificates on the appliance were changed
For more information, see What to do next in Creating and managing custom GIM certificates.
HashiCorp integration
Integrate your Guardium system with HashiCorp to securely store, manage, rotate, and retrieve credentials for all supported datasources. For more information, see Managing datasource credentials with HashiCorp.
Multi-factor authentication RSA SecurID support
Multi-factor authentication now supports RSA SecurID with either a hardware or software token.
For more information, see Configuring multi-factor configuration.
Multiple LDAP server support
Guardium now imports LDAP users from multiple LDAP servers. For this change, the access manager now handles LDAP configuration in a new access manager window.
For more information, see Importing users from LDAP and Configuring local, RADIUS, or LDAP authentication.
Real-time sensitive-object identification
Real-time sensitive-object identification processes response data looking for predefined patterns that match personally-identifiable and other sensitive information. It matches user-selectable patterns for things like credit card numbers, international bank numbers, email addresses, and personal identification numbers for various countries.
For more information, see Runtime sensitive-object identification.
Real-time trust evaluator
The real-time trust evaluator monitors and evaluates your Guardium S-TAP connections to determine whether connections can be trusted and to identify anomalies.
The real-time trust evaluator uses machine learning and a probability engine through both a primary and secondary training period. After the training period, the trust evaluator uses that information to detect and act on anomalies and untrusted connections.
For more information about the real-time trust evaluator, see Real-time trust evaluator.
Response length in policies, reports, and alerts
When you define policy rules, you can now include the response length threshold under Other Criteria for access policies. For alerts, you can now add the %%ResponseLength variable to the alert message template. For more information about using response length, see Rule definition fields and The alert message template.
Note: Response length is not supported for z/OS.
Security incident policies
Guardium provides several session level policy templates that encapsulate security problems that are frequently found at run time. Each of the security incident policies contains rules that find and report on a specific type of security incident.
For more information about the security incident policies, see Security incident policies.
S-TAP: automatic relocation
Use this feature to find and restart S-TAPs that have become unsynchronized while using enterprise load balancing. For more information about S-TAP relocation, see Restarting (resynchronizing) S-TAPs for enterprise load balancing.
To-do list enhancements: manage multiple processes, compare classifier results
The to-do list now supports taking actions on multiple processes at once, for example marking several items as viewed or as signed. For more information about working with multiple processes, see Audit process to-do list.
The to-do list also allows you to compare discovery and classification results across multiple runs of the same job. For more information about comparing classifier results, see Comparing discovery and classification results.
Windows S-TAP: No reboot after uninstall
The Windows S-TAP can be uninstalled without reboot. Upgrade your S-TAP to 11.4, reboot the S-TAP once, for example, in the next maintenance window, and then the S-TAP can be uninstalled without having to reboot the database server or restart database instances. A fresh install of 11.4 WSTAP out of the box is fully uninstallable without requiring a reboot.