IBM Security Guardium - How do I make the Linked server MSSQL queries work with Query Rewrite?

Question & Answer

Question

I can't seem to get a linked query to work with Query Rewrite (QRW).

e.g.

Query Rewrite for SELECT FIRSTNAME FROM EMPLOYEE works as expected : --> FIRSTNAME to be re-written as '####'

However, a linked query :

SELECT FIRSTNAME from [TESTDB\MSSQLSERVERTEST].TestDb.dbo.EMPLOYEE fails to rewrite the FIRSTNAME.

How do I make this work ?

Cause

Guardium QRW does not support Remote Procedure Calls (RPC calls) for MSSQL Server.

Answer

When this SQL is run with the linked server query, the SQL running on remote server is not the same as you type in MSSQL GUI.

It changes from:

SELECT FIRSTNAME from [TESTDB\MSSQLSERVERTEST].TestDb.dbo.EMPLOYEE;

To the following RPC call :

__RPC sp_prepexec SELECT "Tbl1002"."FirstName" "Col1004" FROM "TestDb"."dbo"."EMPLOYEE" "Tbl1002".

The above call, as logged in Guardium appliance, is artificially constructed by Guardium sniffer from pieces of information in traffic. Even if QRW was able to rewrite the query and send back to the DB, it will not be accepted by the DB as it is not a native DB format.

Therefore Query rewrite on RPC calls in MSSQL Server is not supported.

[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSMPHH","label":"IBM Security Guardium"},"Component":"","Platform":[{"code":"PF004","label":"Appliance"},{"code":"PF033","label":"Windows"}],"Version":"All Versions","Edition":"","Line of Business":{"code":"LOB24","label":"Security Software"}}]

Tips

IBM Security Guardium - How do I make the Linked server MSSQL queries work with Query Rewrite?

Question & Answer

Question

Cause

Answer

Was this topic helpful?

Document Information

UID

Share your feedback

Need support?