Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

IBM Security Identity Governance

 

The JSA DSM for IBM Security Identity Governance collects audit events from IBM Security Governance servers.

The following table identifies the specifications for the IBM Security Identity Governance DSM:

Table 1: IBM Security Identity Governance (ISIG) DSM Specifications

Specification

Value

Manufacturer

IBM

DSM name

IBM Security Identity Governance

RPM file name

DSM-IBMSecurityIdentityGovernance-JSA_version-build_number

.noarch.rpm

Supported versions

IBM Security Identity Governance v5.1.1

Protocol

JDBC

Event format

NVP

Recorded event types

Audit

Automatically discovered?

No

Includes identity?

No

Includes custom properties?

No

More information

https://support.juniper.net/support/downloads/

To integrate IBM Security Identity Governance with JSA, complete the following steps:

  1. If automatic updates are not enabled, download and install the most recent version of the following RPMs on your JSA console. If multiple DSM RPMs are required, the integration sequence must reflect the DSM RPM dependency.

    • IBM Security Identity Governance (ISIG) DSM RPM

    • JDBC Protocol RPM

  2. Configure a JDBC log source to poll for events from your IBM Security Identity Governance database.

  3. Ensure that no firewall rules block communication between JSA and the database that is associated with IBM Security Identity Governance.

  4. If JSA does not automatically detect the log source, add an IBM Security Identity Governance log source on the JSA Console. The following table describes the parameters that require specific values for IBM Security Identity Governance event collection:

    Table 2: IBM Security Identity Governance DSM Log Source Parameters

    Parameter

    Value

    Log Source type

    IBM Security Identity Governance

    Protocol Configuration

    JDBC

    Log Source Identifier

    DATABASE@HOSTNAME

    Database Type

    Select Oracle or DB2 for the database that you want to use as the event source.

    Database Name

    The name of the IBM Security Identity Governance database. It must be the same as the DATABASE name for the Log Source Identifier.

    IP or Hostname

    The IP address or host name of the IBM Security Governance database. It must be the same as the HOSTNAME of Log Source Identifier.

    Port

    The port number that is used by the database server. The defaults are Oracle: 1521 and DB2: 50000. The default that is displayed depends on the selected database type.

    Username

    The database user name.

    Password

    The database password.

    Predefined Query

    The default is none.

    Table Name

    AUDIT_LOG

    Select List

    *

    Compare Field

    ID

    Use Prepared Statements

    Enable the check box.

    Start Date and Time

    The initial date and time for database polling.

    Polling interval

    The amount of time, in seconds, between queries to the database table. The default polling interval is 10 seconds.

    EPS Throttle

    The number of events per second (EPS) that you do not want this protocol to exceed. The default value is 20000 EPS.

Configuring JSA to Communicate with Your IBM Security Identity Governance Database

To forward audit logs from your IBM Security Identity Governance database to JSA, you must add a log source. Log sources are not automatically detected.

  1. Log in to JSA.
  2. Click the Admin tab.
  3. In the navigation menu, click Data Sources.
  4. Click the Log Sources icon.
  5. Click Add.
  6. From the Log Source Type list, select IBM Security Identity Governance.
  7. From the Protocol Configuration list, select JDBC.
  8. Configure the parameters.
  9. Click Save.