IBM Guardium Scanner Overview
IBM InfoSphere Guardium appliances are capable of exporting database vulnerability information that can be critical to protecting customer data.
IBM Guardium audit processes export the results of tests that fail the Common Vulnerability and Exposures (CVE) tests generated when running security assessment tests on your IBM Guardium appliance. The vulnerability data from IBM Guardium must be exported to a remote server or staging server in Security Content Automation Protocol (SCAP) format. JSA can then retrieve the scan results from the remote server storing the vulnerability using SFTP.
IBM Guardium only exports vulnerability from databases containing failed CVE test results. If there are no failed CVE tests, IBM Guardium may not export a file at the end of the security assessment. For information on configuring security assessment tests and creating an audit process to export vulnerability data in SCAP format, see your IBM InfoSphere Guardium documentation.
After you have configured your IBM Guardium appliance, you are ready to configure JSA to import the results from the remote server hosting the vulnerability data. You must add an IBM Guardium scanner to JSA and configure the scanner to retrieve data from your remote server. The most recent vulnerabilities are imported by JSA when you create a scan schedule. Scan schedules allow you to determine the frequency with which JSA requests data from the remote server host your IBM Guardium vulnerability data.
Integration overview for IBM InfoSphere Guardium and JSA.
On your IBM InfoSphere Guardium appliance, create an SCAP file with your vulnerability information. See your IBM InfoSphere Guardium documentation.
On your JSA Console, add an IBM Guardium scanner. See Adding an IBM Guardium Vulnerability Scanner
On your JSA Console, create a scan schedule to import scan result data. SeeScheduling a Vulnerability Scan