Professional Documents
Culture Documents
IBM Guardium Appliance Technical Requirements 11.4
IBM Guardium Appliance Technical Requirements 11.4
Abstract
This document establishes the technical requirements for Guardium version 11.4 - CPUs, RAM.
Content
The IBM Security Guardium solution is available as a:
• Software offering – software images deployed on customer hardware either directly or as virtual appliances.
The scope of this document is the “Software Offering”, and the requirements listed in this document apply to both
the physical appliance and the virtual appliance unless specified otherwise.
Product overview
IBM® Security Guardium® is a unified, cross-platform solution that both protects databases in real time and
automates the entire compliance auditing process. The solution supports all major database platforms, enterprise
applications, and operating systems (UNIX, Linux, Windows, and z/OS).
• Collector – In Database Activity Monitoring or Vulnerability Assessment, the collectors monitor and analyze
database activity to provide continuous fine-grained auditing and reporting, real-time policy-based alerting and
database access controls.
• Central Manager/Aggregator –The Central Manager is a single point of management for the entire IBM
InfoSphere Guardium deployment. With the Central Manager, customers can define enterprise-wide policies,
alerts, queries and reports, install patches, push configuration and perform a variety of other administrative
tasks from a single console. In addition, data from multiple collectors can be aggregated to the Aggregation
Server to provide holistic views and generate enterprise-level reports.
Hardware Requirements
The following hardware requirements are necessary for the IBM Security Guardium solution to work properly.
Unless specified otherwise, the requirements are for both the physical installation and the virtual installation.
The IBM Guardium solution works only on x86 Intel-based or AMD-based platforms (for example, x86_64). Only
platforms and hardware that are officially supported by RedHat Linux 7.9 (64-bit) are expected to work properly
(See links to RedHat Support documentation, listed at end of this document). However, not all officially supported
https://www.ibm.com/support/pages/node/6481035 1/8
1/24/22, 10:13 AM IBM Guardium Appliance Technical Requirements 11.4
platforms are guaranteed. Platforms that require additional drivers or specialized post-install configuration are not
supported at this time (see note below).
Note: If a customer has an appliance they know will require additional configuration beyond the standard RedHat
7.9 (64-bit) installation, then that customer should install RedHat 7.9 (64-bit) and record all the installation time
choices and any post-install configuration steps. Send this information to Guardium Technical Services for analysis
and, based on the analysis, they may be able to provide a software update to support this platform.
Deviations from the specifications in this document may result in failure to install the solution, in such cases, the
appliance might not be accessible over the network and IBM Guardium Technical Support engineers will not be
able to assist in troubleshooting and remediation.
IBM Guardium can be installed on RedHat Enterprise Virtualization, VMware Virtualization, and Microsoft Hyper-V
are supported by Guardium as platforms for a virtualization solution.
Notes:
1. Hardware requirements for the virtual solution are restricted to the platforms supported by VMware. ESX 5.1
higher is the minimum to run Guardium 11.0.
2. When using the virtual solution, the performance of Database Activity Monitoring using over-the-network
inspection through SPAN port or Tap device depends on the configuration of the virtual system, including CPU and
memory dedication.
3. VMware introduces additional complexity. The overall performance and utilization of your Guardium virtual
appliance may vary based on VMware configuration, resource allocation, and/or sizing planning.
In addition to minimum and recommended resources for typical deployments, recommendations are also provided
for high-load environments such as Teradata clusters, Oracle Exadata, Oracle SuperCluster, or IBM POWER9.
https://www.ibm.com/support/pages/node/6481035 2/8
1/24/22, 10:13 AM IBM Guardium Appliance Technical Requirements 11.4
Recommended: 32 GB
For Central Managers in a large federated environment,
the recommended memory is
Ports (NICs) 1-4 Each port can be an actual NIC, or a virtual switch that
1 Gbit or 10 Gbit per can be configured to use multiple NICs, optionally with
failover IP teaming.
second card
Optional: The third port may also be configured to team
recommended
with the primary interface in order to provide failover IP
10 Gbit per second teaming. Alternatively, the last port on the device may
card can be used in be configured as a secondary management interface
64-bit system with with a different IP, NETMASK and GW from the primary.
sufficient memory
When using Inspection Engines to capture traffic (not
https://www.ibm.com/support/pages/node/6481035 3/8
1/24/22, 10:13 AM IBM Guardium Appliance Technical Requirements 11.4
Disk Speed 7200 RPM to 15,000 RPM To use 7200 RPM, scale back the sizing ratio by 70%.
Example: If you are using 7200 RPM disk, which is
slow, you should reduce your sizing by 70%. If your
sizing calls for 10 S-TAPs to a collector, if you are
running with 7200 RPM drives, drop that to 3 S-TAPs to
a collector.
Important: The installation of the software appliance will wipe the disk, repartition and reformat the disk, and install
the IBM Guardium solution as a newly installed operating system.
Refer to the Appliance Installation Guide for step-by-step instructions on configuration and installation. The
separate Appliance Installation Guide also provides information on how to customize the partitioning on the
appliance and how to install on a remote drive (SAN). Installation on a SAN is supported; installation on a NAS is
not supported.
The 10G network cards must be supported by the appropriate version of RedHat Enterprise Linux (RHEL) (RedHat
7.9 for Guardium v11.0 and up).
Sizing Recommendations
Note: In general, hardware specifications and configuration should follow manufacturers' best-practices to optimize
performance. For example on the topic of memory configuration, make sure that the DIMMs are both balanced and
matched, otherwise you will not take advantage of the full capacity of the appliance.
Quantity Description
https://www.ibm.com/support/pages/node/6481035 4/8
1/24/22, 10:13 AM IBM Guardium Appliance Technical Requirements 11.4
2 SFP+ SR Transceiver
Quantity Description
2 SFP+ SR Transceiver
https://www.ibm.com/support/pages/node/6481035 5/8
1/24/22, 10:13 AM IBM Guardium Appliance Technical Requirements 11.4
Quantity Description
2 SFP+ SR Transceiver
Quantity Description
https://www.ibm.com/support/pages/node/6481035 6/8
1/24/22, 10:13 AM IBM Guardium Appliance Technical Requirements 11.4
2 SFP+ SR Transceiver
dium&release=All&platform=All&function=fixId&fixids=Guardium_FirmwareUpdate_SR630_USB_v3-10,Guardium_FirmwareUpdate_SR630_D
VD_v3-10,Change-logs_SR630_v3-10&includeSupersedes=0&source=fc)
More Information
https://www.ibm.com/mysupport/s/topic/0TO5000000025yoGAA/guardium-data-protection?
language=en_US&productId=01t50000004XIxMAAW
(https://www.ibm.com/mysupport/s/topic/0TO5000000025yoGAA/guardium-data-protection?language=en_US&productId=01t50000004XIxMAA
W)
http://www.redbooks.ibm.com/Redbooks.nsf/RedpieceAbstracts/sg248129.html
(http://www.redbooks.ibm.com/Redbooks.nsf/RedpieceAbstracts/sg248129.html)
http:/www.redhat.com/rhel/compatibility/hardware/
https://www.ibm.com/support/pages/node/6481035 7/8
1/24/22, 10:13 AM IBM Guardium Appliance Technical Requirements 11.4
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/
(https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/)
Document Information
More support for:
Software version:
All Version(s)
Document number:
6481035
Modified date:
17 September 2021
https://www.ibm.com/support/pages/node/6481035 8/8