IBM Support

Guardium inspection engine verification result incorrectly applies to multiple inspection engines

Troubleshooting


Problem

I run the standard inspection engine verification process on one of my inspection engines. Whatever the result of that process, it applies to other inspection engines as well. The other inspection engines have the same tap_ip and port but different connect_to_ip.

Cause

Limitation of the standard inspection engine verification. It can only differentiate based on Server IP, Port and DB Type.

Diagnosing The Problem

1. Confirm S-TAP has two inspection engines of the same DB type and port. The inspection engines have different values for connect to ip.

2. Run inspection engine verification on one of the inspection engines

3. The result will apply to both inspection engines.

The standard verification process treats all inspection engines with the same S-TAP host, DB Type and Port as the same. It applies verification result to all inspection engines that match those values.

Resolving The Problem

in v10 advanced verification should be used in this case. A different datasource for each inspection engine can be made and verification run on each one.

In v9 p750 and below and at the time of writing there is no solution for this problem in v9. Inspection engine verification is not possible in the case when two inspection engines on the same S-TAP host have the same port and same database type.

[{"Product":{"code":"SSMPHH","label":"IBM Security Guardium"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Component":"Guardium Database Activity Monitor","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF010","label":"HP-UX"},{"code":"PF016","label":"Linux"},{"code":"PF027","label":"Solaris"},{"code":"PF033","label":"Windows"}],"Version":"10.0;10.0.1;10.1;10.1.2;9.1;9.5","Edition":"","Line of Business":{"code":"LOB24","label":"Security Software"}}]

Document Information

Modified date:
16 June 2018

UID

swg22003136

Page Feedback