IBM Security Guardium Data Protection Reviews

Guardium is easily integrated with other IBM solutions, a significant advantage and a key reason we chose Guardium. Both platforms share the IBM infrastructure, enhancing compatibility and integration. Additionally, Guardium offers a vulnerability analyzer, which is another compelling feature of the platform.

For compliance and risk assessment, monitoring the database traffic, as well as doing vulnerability assessments on the database to make sure that our security is up to par. We use it to keep us less vulnerable as a company as well as to keep the customers' data safe.

So far it has performed really well. Occasionally, we have issues here and there with new patches having bugs, but that's the case with any software.

It has really helped identify areas that we need to fix. It also identifies, from a compliance standpoint, records we can provide. It shows us just how secure we are overall, as a company, rather than just trying to do things here and there. It helps automate what would take thousands of hours for DBAs to do manually.

Our main focus for IBM Guardium is to support security initiatives and compliance policies within our organization. We use the DPD product for monitoring, especially for GDPR, SOX regulations and, of course, the vulnerability assessment that we use to make sure we're keeping up with our patches, making sure things are configured, making sure we're following the best practices.

Accelerators is one of the big functions they have out there. It gives you canned reports that you don't have to make yourself, they're out there by being part of the patch. You just have to fill your information in to some of the already built groups, for your environment, and it automates a lot of that. That has definitely helped improve things.

We've integrated it with QRadar, our SIEM product from IBM. When you do that integration, you have to make sure you have the right configuration files from both products. There is some online documentation through the IBM support portal which will give you step-by-step instructions. A lot of is pretty easy to follow.

The first implementation of the solution in our company was carried out in 2011. The use cases for the solution may vary from customer to customer, but majorly the product is used for compliance and ensuring the privileged users are properly monitored and audited.

For example, our company has used the tool for masking activities. The basic objective of the solution remains to ensure the ideal monitoring of service accounts and detect suspicious activities, which help our company block suspicious activities. In our organization, IBM Security Guardium Data Protection is used on a highly expensive server. The product implements real-time data monitoring. 

One of the customer's major concerns is monitoring local users; installation of the agent is necessary. Once the agent is installed on the DB, users expect the server to operate without crashing or restarting. The maturity of the agent is the most valuable feature of the solution. 

I believe IBM Security Guardium Data Protection has been available since 2004, so it has become a mature product. In our organization, we would recommend IBM Security Guardium Data Protection as the top product to others, wherever database security is concerned. I would overall rate the solution an eight out of ten. I believe the solution must be upgraded further in accordance with emerging technologies such as AI.  

We use it for monitoring database activity. This includes tracking databases such as MySQL, Oracle, and others. It monitors activities such as logins and logouts, capturing whether they were system or user logins. It also records the execution of scripts and the details of each script run. Additionally, it performs vulnerability assessments on databases and can enforce database lockdowns.

It can help with PCI compliance. It includes features like data masking, especially during queries, which supports compliance efforts. The tool also performs compliance and audit checks and allows auditors to generate ad hoc compliance reports. This helps guide organizations on areas for improvement.

Before IBM Guardium Data Protection, we didn't have any solution. We wanted to check our database activities, for example, admin activities, so with IBM Guardium Data Protection, we created some use cases and also wanted to check up on the use cases in our environment, so we deployed the solution. Right now, we have three or four use cases for IBM Guardium Data Protection: creation, table deletion, and making changes to the table, and we receive alerts when any of those activities happen.

IBM Guardium Data Protection improved our organization by providing visibility into our database functions. Before using the solution, we didn't have that visibility until we took the data logs and integrated them. We didn't have visibility into database bots. We didn't know which users or admin users were able to get into the databases even without specific privileges. Now, with IBM Guardium Data Protection, we have visibility into all details by just collecting the logs on the aggregator, then integrating the aggregator and team logs, so our security analysts can check all the user logs and use cases we created to monitor databases, and view them all on a single screen. IBM Guardium Data Protection gave us one console for monitoring data, so we won't have to look at more than one screen or use other monitoring solutions.

We use this product to protect our information. It provides the added feature of including some protective marking rules on the data. Security is the overall high-level objective for us using this solution. We are customers of IBM and I'm a tech lead.

If anyone is trying to access unauthorized data, it sends out an immediate alert to those concerned. 

Primarily re-monitoring sensitive data and privilege user access. 

One of the greatest benefits for using Guardium is our ability to monitor sensitive data. With current policy and GDPR for international, then audited compliance for monitoring access to sensitive data, it is very critical for our industry in healthcare. 

We use IBM Guardium to support security initiatives and combine policies within the organization. We have many initiatives that come up and we have what are called action plans. Guardium comes up in quite a few of them when it gets related to database monitoring and controlling sensitive data. 

IBM Guardium helps us comply with industry regulations, such as GDPR, local US standards, and then the current New York cyber laws, which are very specific about controlling access to data.  

Guardium is integrated for data. It is integrated across our big data, then for cyber security. It is integrated in our security stack. 

We mostly use Guardium as a data activity monitoring solution (DAM). We also use it to perform vulnerability assessment (VA) for data. We deployed Guardium on a private cloud. It isn't a hardware product. It's all virtual machines.

IBM should add more database security features to Guardium. They could add user profiling, anomaly detection, and machine learning. IBM has user profiling, but they need to strengthen it. It should make sense for the users. It should remove most of the false positives.

Anomaly detection would help. Let's say you had a thousand anomalies and 990 are false positives. Who will take care of this? People will simply ignore all 1,000. They need to improve a lot in this area. They're coming out with a new product called Guardium Insights. It will be able to store more data, and its algorithm will be stronger. That will probably fix all my concerns. They have yet to release the beta version.