IBM Security Guardium Data Protection Reviews

To provide cyber security for databases.

It has performed very well.

It has made us more responsive and more productive, more efficient.

We use Guardium to support security initiatives and compliance policies. We are in the healthcare world, so it helps us with HIPAA compliance. It has also helped us with PCI. We haven't gone with GDPR.

We have not yet integrated Guardium with other systems we use.

It has saved us time and money by definitely making us more productive. Senior management is aware of this.

It provides a comprehensive security for databases, both on-prem and on the cloud.

Among the advanced features we use automatic backups, DR. We'd like to implement more predictive, using Watson.

More predictive, using Watson AI would be good.

It's very stable.

It's scalable.

We sometimes use technical support from IBM. It has been good, very good.

We were using traditional cyber security stuff. But this is a pretty good product. We became an IBM business partner, we are a cyber security business partner for IBM. We have other products besides Guardium that we are marketing.

The most important criteria when selecting a vendor are their

• stability
• quality
• support.

It was straightforward.

Buy it.

All the features are useful for the customer and they have many use cases, especially for DB protection.

They have a module called Redaction. For query rewriting, it can protect some data stored in the table by the DB admin to return the masked data, in case he tries to view our customer personal information such as phone numbers,names, account number etc.

In some cases it blocked the bad user from deleting or copying data , For example, in use cases to block creation of the users on the DB without filing forum/ following the company policy.

It provides the customer to help secure the DB, especially for the multi-DB environments. It also provides visibility for the DB activity, secures the customer information in the DB, from any privilege misuse by an insider.

The FAM module needs to be improved. This module is for file activity monitoring and here if IBM would focus on marketing this part, it will be good as the end-user can monitor any configuration file in servers and not only the DB.

I have used this solution for around six years.

Some issues have been experienced but no big issues as such. The solution is 90% stable.

We have not encountered any scalability issues.

I would give the technical support a 9/10.

The setup was very easy. It took us around one day to set it up and running.

You should make sure of the DB size before you buy the product. It is also important to define the requirement very carefully as it could affect the sizing. You should make sure of the monitoring mode that they would like to apply.

We looked at the Oracle and Imperva solutions.

Take care of the scope and the monitoring mode. Also, if the size of the DB is high then do not do it over virtual.

We are a solution provider and IBM Guardium is one of the database products that we implement for our clients. Our customers for Guardium are mostly banks and they use it for PCI compliance.

The most valuable features are the reporting and data-level access control.

The interface is easy to use and the learning curve is not very steep.

The price of this solution is quite high for smaller organizations, so they should release a version that is affordable for small and medium-sized businesses.

I have been working with IBM Guardium for about a year and a half.

The stability depends, in part, on how much the client can give the appliance in terms of resources. Overall, I think that it's a really stable appliance, as long as you keep it up to date with all of the patches and updates.

I have done at least one really large-scale deployments and my impression is that it scales really well. 

I have not personally interacted with IBM's technical support. Normally, my seniors in the company would do that.

The initial setup is straightforward. It took about a month for me to get started on it. I used the resources from the security learning academy to begin.

The length of time required for deployment depends on the scale and the internal processes. The largest that I have done took more than a year to complete, although these clients have lots of stuff happening in their environment that had to be taken care of. At times, things like this put us off of our schedule.

We implement and deploy this solution for our clients. People from the client's side are also required. We have the Guardium Administrator, who is usually the project lead. The client will have database administrators, network administrators, IT staff to set up the appliance, and somebody from information security.

My advice to anybody who is implementing this solution is to start small, with a test environment, and then scale it up. This way, if there is a fault at the beginning then it won't be multiplied by the time you have a larger deployment and are fully integrated. In this way, you will see if it meets the requirements.

Overall, this is a wonderful product.

I would rate this solution an eight out of ten.

The main features are database activity monitoring and firewall feature blocking.

I'm working as a consultant for security products. I'm not a user of this product. Guardium is helping customers to get insights into who is accessing company data, when they are doing it, and from which location.

Guardium can block malicious connections to the databases. For example, if someone is accessing sensitive data in a production database during non-working hours, Guardium can block this connection.

I would like to see a better GUI. IBM is working on GUI improvements with every new release.

I have used this solution for five years.

I did not encounter any issues with stability.

The system is scalable.

Technical support is fast and responsive. The typical response time is less than two hours.

The initial setup is relatively simple. It depends on how many collectors and aggregators are in the setup and the number of databases included in the monitoring solution.

After the initial setup, the level of complexity depends on the customer’s needs.

Ask for a PoC project and then decide.

My primary use of this solution is for database activity monitoring.

The most valuable features of this product are activity monitoring on the database servers, discovery capabilities, and vulnerability scanning.

An area for improvement would be the user interface - currently, it takes around two to three months to become comfortable using it. In the next release, I would like to see more integration with other vault vendors.

I've been using this solution for five years.

The product is stable - during my time using it, I have not had any crash problems with the servers, and I haven't needed to do any restarts.

I haven't had any problems with the global and local support for this product.

The initial setup was basic and easy and didn't take much time.

The cost of this product is reasonable but could be lowered to a more competitive level.

Guardiam's accountability is good - by design, it doesn't give any root privilege to customers, which means we don't have highly important privilege for access to Guardiam. They use only a user level, so kernel-level users are prohibited, which means there aren't any accidental effects from the customer side. I would rate this solution as eight out of ten.