Auditing with IBM Security Guardium (UNIX, Linux)

You can audit user actions for your Informix® database server with IBM® Security Guardium® version 10.0 or later. IBM Security Guardium prevents leaks from databases, ensures the integrity of information, and automates compliance controls across heterogeneous environments.

After you set up the IBM Security Guardium server, you start the ifxguard utility to monitor connections to your Informix databases. You can set the logging mode and the number of worker threads to prevent heavy locking by editing the ifxguard configuration file. You can enable auditing and set the actions of the database server if the IBM Security Guardium server does not respond in the timeout period by setting the IFXGUARD configuration parameter in the onconfig file.

Every time a user session attempts an action that is auditable, an ifxguard agent contacts the IBM Security Guardium server. The IBM Security Guardium server can mask sensitive data or close a connection that fails the security audit.

To configure IBM Security Guardium and start auditing:

  1. Install and configure IBM Security Guardium. See IBM Security Guardium V 10.0.
  2. Edit the ifxguard configuration file.
  3. Set the IFXGUARD configuration parameter in your onconfig file for your Informix database server.
  4. Follow the instructions in the section Informix EXIT with UNIX S-TAP to configure and start the ifxguard utility. See Installing an S-TAP on a UNIX server.

Copyright© 2019 HCL Technologies Limited