Orlando, FL
October 6-9
IBM TechXchange 2025

1434 Best Practices and Diagnosing Issues with IBM Guardium z/OS STAPs
Chris Born
Rocket Software, Inc.
Principal Software Engineer

Agenda
- S-TAP architecture for z/OS
- Filtering capabilities
- Performance/Best Practices

IBM TechXchange | 2025 IBM Corporation

Guardium Architecture
[Architecture diagram; labels as they appear on the slide:]
- Collectors
- Mainframes
- Structured/Unstructured
- Multi-cloud
- Guardium Insights
- Ticket Integration
- Long Term Retention
- Fast, Easy Reporting
- Anomaly Behavior
- Predictive Analytics
- Vulnerability correlation
- Ticketing/blocking
- SOC Integration
- Cloud Datasources (AWS Kinesis, Azure Event Hubs, S3, Native Logs)
- Windows, Linux, Unix Servers (RDBMS, Big Data, Filesystem, NAS, Sharepoint, Native Logs)
- DB2, Datasets, IMS
- Data discovery & classification of sensitive data
- Vulnerability Assessment Configuration Auditing
- Reports and Dashboards
- Audit Workflows
- Detect or block unauthorized & suspicious activity
- Risk Analytics, Threat Investigation Dashboard
- Management console for appliances & agents
- Monitors performance & health of components
- Group Management
- Control Patching
- Connectivity to Insights
- Vault Integration
- Central Manager
- REST API
- Integrations
- Agent | Proxy | Agentless
- Cold Storage

IBM TechXchange / 2023 IBM Corporation

Guardium Components for S-TAP for Db2

DB2 S-TAP on Z
- Collects data access information from a variety of DB2 resources to produce a comprehensive view of business activity for auditors
- Collection based on collection profile policy, filtered at collection point
- Authorization IDs, Objects, Plans, Programs, connection information etc.
- Collection via shared DB2 Subsystem intercepts
- TCP/IP stream audit events to Guardium System

Guardium System (aka Appliance, Collector, Aggregator/CM, GI)
- Policy definitions
- Hardened hardware or virtual appl