IBM Support

Does Guardium use squid proxy

Question & Answer


Question

Does Guardium use squid proxy

Answer

Squid is still used by Guardium but it is not enabled by default. Squid is only enabled if you enable either ecosystem or universal connector.
Issue addressed in GRD-43701 - 11.2 Squid HTTP Proxy available exposure on some Guardium appliances
https://delivery04.dhe.ibm.com/sar/CMA/IMA/09f81/1/Guardium_v11_0_p225_patch_release_notes.pdf
Squid would also be enabled when an aggregator is registered to a CM. (Fixed in v11.3 and in Bundle patch p225 for v11.2.)
Squid gets enabled if:
1. Ecosystem is enabled
2. Universal connector is enabled
3. Possibly could also get enabled when the aggregator is registered to a CM <== defect addressed in GRD-43701
QUESTION:
Is there a way to find out whether ecosystem or universal connector is enabled?
It can be determined from the Guardium CLI:
Guardium CLI> comm ecosystem
restart ecosystem
show system ecosystem
start ecosystem
stop ecosystem
store system ecosystem
support must_gather ecosystem_issues

Guardium CLI> show system ecosystem
Ecosystem functionality disabled
Guardium CLI> comm universal
show system universal-connector
store system universal-connector
support must_gather universal_connector_issues

Guardium CLI> show system universal-connector
Universal-Connector functionality disabled
store system universal-connector
support must_gather universal_connector_issues

Guardium CLI> show system universal-connector
Universal-Connector functionality disabled

[{"Type":"MASTER","Line of Business":{"code":"LOB24","label":"Security Software"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSMPHH","label":"IBM Security Guardium"},"ARM Category":[{"code":"a8m0z0000001gKzAAI","label":"NETWORKING"}],"ARM Case Number":"TS007586585","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"11.2.0"}]

Document Information

Modified date:
17 February 2022

UID

ibm16557328

Page Feedback