IBM Guardium Analyzer

Hands-On Lab for

Guardium Analyzer – Data Risk Manager (DRM)
Environment
SCS Portal

User Guide

July 2019

For questions, contact Marilene Roder at [email protected]

IBM Security IBM Guardium Analyzer

Guardium Analyzer Demo Hands-on Lab

This Hands-On Lab is designed to get you familiar with the basic features of Guardium
Analyzer. You will setup the Data Connector, scan a database and see the results in
the Guardium Analyzer Dashboard.
Reference guide: passwords to the Virtual Images (VMs)
VM Image Credentials

Password for environment on Guardium10

Skytap

Windows Server IP: 10.0.0.1 Administrator

Passw0rd
** you will install the data connector in this
Windows Virtual Machine

Osprey Linux Database Server IP: 10.0.0.6 root/guardium123

** This database server has databases (DB2

and Oracle) with Personal data

Data Risk Manager IP: 10.0.0.2 admin(GUI) /

P@ssw0rd
a3user – password is
idrm

1. Pre-requisite
1. Setup an instant and temporary email.
Why I need to do that? Because the Analyzer free trial has a limit of 3 databases that you
can register using a particular account. Once you reach this limit, you can’t use that
account anymore.

You will use the temporary email to register with the Analyzer free trial.

2. Open a browser in your laptop and go to www.mailinator.com

a. Type your temporary email account on the white box and click go. Suggestion: use your
initials and todays date:

IBM and Business Partner Internal Use Only 2

IBM Security IBM Guardium Analyzer

b. You will automatically get an empty mail inbox on mailinator.com

Note: if the mail box is not empty it means the account you chose already exists. Try creating
another one.

3. Register your temporary email with the Guardium Analyzer free trial:
1. Open a browser window in your computer and go to https://www.ibm.com/us-
en/marketplace/guardium-analyzer
2. Click on Start your free trial

3. Register for the free trail using your temporary email. As part of the registration process,
you will receive a code in your temporary email. Use www.mailinator.com to retrieve
that code.

4. Wait a few minutes while registration is being processed.

IBM and Business Partner Internal Use Only 3

IBM Security IBM Guardium Analyzer

5. You are done with the registration and ready to use the Guardium Analyzer to scan
databases. Click on Launch.

6. Log in to the Analyzer with your temporary email and lick on Let’s get started (right lower
corner of the page).

7. You will be presented with a series of short videos on the Guardium Analyzer. You can
watch them later. On the lower right corner, find the step to select the regulation you
will be scanning data for:

IBM and Business Partner Internal Use Only 4

IBM Security IBM Guardium Analyzer

8. Select GDPR.

9. Select the scan frequency.

10. Set it to weekly

11. Click on Installation Planning:

12. The Installation planning page will display links to the system requirements and
documentation on how to setup the data connectors. Click on Setup data connector.

IBM and Business Partner Internal Use Only 5

IBM Security IBM Guardium Analyzer

13. Do not download the Data Connector.

14. Click on Install and Register.

15. You will see a page with instructions how to download and install the data connector.
You will perform these steps in a Windows Virtual Machine hosted in the cloud
environment (next step in this Lab).
You completed the configuration of the Guardium Analyzer.

2. Starting the Guardium Analyzer environment

1. Click on the link in the email you received after you schedule the demo.
2. If prompted for a password.
a. Enter Guardium10
b. Click the Submit button.

3. You should see this image:

IBM and Business Partner Internal Use Only 6

IBM Security IBM Guardium Analyzer

4. Click on the VMs tab to go to the VM images for this lab.

5. Click on the play icon to start the images:

6. Start the databases on the Osprey Database Server

I. Login as root/guardium123
IBM and Business Partner Internal Use Only 7
IBM Security IBM Guardium Analyzer

II. run the command:

./startdb_all.sh

3. Installing the Data Connector on the Windows server:

1. Log in to the Windows Bridge VM and double click the short cut to the ibm-data-connector
folder

2. This will take you to the directory where the Connector setup.exe is located. Click on the
setup and follow the prompts. Use the default installation path.

3. When the setup is completed, click finish. Click No to the prompt below.

4. Open Chrome and click on the short cut for the IBM Guardium Data Connector.
(https://localhost/SecureConnector)

IBM and Business Partner Internal Use Only 8

IBM Security IBM Guardium Analyzer

5. You will see the following warning message. Click on Advanced.

6. Click on Proceed to local host.

4. Registering the Data Connector:

1. Login to the Data Connector with your temporary email id to register it with the Guardium
Analyzer on the cloud.

IBM and Business Partner Internal Use Only 9

IBM Security IBM Guardium Analyzer

2. Register the connector. You can use any name. For example: Osprey DB Server. Click on
register and continue.

3. Select your default location. For ex: United States or the country where you are doing this
exercise.

4. Enter the information for the data connector the oracle database:
IP: 10.0.0.6
Port : 1521
Service name: xe
User id: system
Password: guardium
Leave the box “Scan immediately” checked.

IBM and Business Partner Internal Use Only 10

IBM Security IBM Guardium Analyzer

5. Test the connection.

6. Click on Step 2: Scan window (lower right corner). You can keep the default suggestion. In
the Lab you will use the option ‘scan now”.

7. Click on the Confirmation link.

8. You should see this confirmation page. Click Finish.

9. The Oracle data source will be defined.

10. Add a second data connector for DB2. Details are:

IBM and Business Partner Internal Use Only 11

IBM Security IBM Guardium Analyzer

Name: DB2 osprey db

IP: 10.0.0.6
Port: 50000
Database name: sample
User id: db2inst1
Password: guardium

11. Test the connection and save.

1. You will see 2 data connectors defined and the scan should be running. In case you need to run the
scan, select both data connectors and click on Scan Now

IBM and Business Partner Internal Use Only 12

IBM Security IBM Guardium Analyzer

2. When the scan is complete, the connectors will display the additional following information:

5. Looking at the Scanned data with the Guardium Analyzer Dashboard

1. When the scan is complete, open a Chrome browser window in your laptop and log in to the
Guardium Analyzer to see the results.

https://datarisk.dsoc.ibm.com/home
2. After you have logged in, you will see a Dashboard similar to this one. Investigate the different
results from the scan (Select View All for each of the summary results)

3. Let’s drill down in the results of the Data Patterns found. Click on View All.

IBM and Business Partner Internal Use Only 13

IBM Security IBM Guardium Analyzer

4. The Data Patterns found will look similar to this view:

5. Marking a match as a Data Subject:

a. Click on a specific row, for example: Sexual Orientation. The following view will open:

b. When you select the check box for each match found, you can specify whether that match is a
Data Subject or a False Positive.

IBM and Business Partner Internal Use Only 14

IBM Security IBM Guardium Analyzer

Note: Guardium Analyzer will present you the matches to the Data Patterns. You need to identify for
each match weather that match is correct (to be considered a Data Subject), or not.

c. After you decided whether a pattern found is a data subjects (or not), you can go back to the
main list of result by clicking on the patterns list.

d. Note that the same pattern analysis (to determine whether that result is a Data Subjects or not)
would need to be done for the other columns scanned in the 2 datasources.

7. Click on the Dashboard icon to explore other views of the Dashboard.

IBM and Business Partner Internal Use Only 15

IBM Security IBM Guardium Analyzer

8. Click on Test results. This will show you a page with all Vulnerability tests that were executed on the
data sources.

9. Let’s explore in further detail the results of the Password_Reuse_Max test. This page will show how
many Personal records are impacted by this vulnerability.

10. Click on the checkbox at the right of the vulnerability and a recommendation page will show the
action to take, comments you can add or mark that vulnerability as fixed.

IBM and Business Partner Internal Use Only 16

IBM Security IBM Guardium Analyzer

6. Defining Reports:
Guardium Analyzer allows user to create an audit-appropriate PDF report that captures findings and the
supporting details for a specified set of data sources, as well as descriptive information that will be
needed for an auditor to understand the report.

1. In the Guardium Analyzer menu, click on Reports.

2. Click on the option for new Report and follow the prompts.

3. After you have defined the report, it will display in the list of available reports. Then click on Generate
and Download the report.

IBM and Business Partner Internal Use Only 17

IBM Security IBM Guardium Analyzer

Part 1 – Overview (10 min) https://ibm.box.com/s/9jde3ipdcn28evfr1sfc00374mpp9sc5

Part 2 – Demo (20 min) https://ibm.box.com/s/9i4ekkp0a9ztkmmeqoppgqowir9rolqa

Part 3 – QA (20 min) https://ibm.box.com/s/elz0s0i2kp0n5vyo207jmc7a3fbp5iou

*** Thank You ***

IBM and Business Partner Internal Use Only 18