What is our primary use case?
For compliance and risk assessment, monitoring the database traffic, as well as doing vulnerability assessments on the database to make sure that our security is up to par. We use it to keep us less vulnerable as a company as well as to keep the customers' data safe.
So far it has performed really well. Occasionally, we have issues here and there with new patches having bugs, but that's the case with any software.
How has it helped my organization?
It has really helped identify areas that we need to fix. It also identifies, from a compliance standpoint, records we can provide. It shows us just how secure we are overall, as a company, rather than just trying to do things here and there. It helps automate what would take thousands of hours for DBAs to do manually.
Our main focus for IBM Guardium is to support security initiatives and compliance policies within our organization. We use the DPD product for monitoring, especially for GDPR, SOX regulations and, of course, the vulnerability assessment that we use to make sure we're keeping up with our patches, making sure things are configured, making sure we're following the best practices.
Accelerators is one of the big functions they have out there. It gives you canned reports that you don't have to make yourself, they're out there by being part of the patch. You just have to fill your information in to some of the already built groups, for your environment, and it automates a lot of that. That has definitely helped improve things.
We've integrated it with QRadar, our SIEM product from IBM. When you do that integration, you have to make sure you have the right configuration files from both products. There is some online documentation through the IBM support portal which will give you step-by-step instructions. A lot of is pretty easy to follow.
What is most valuable?
The most valuable is the GUI, the interface. It also interfaces well with REST API, if you want to automate some of the commands.
Inside the GUI they've really done a lot, especially from version 9 to version 10, in how they lay it out and how user-friendly it is. I've been using it for a few years, but for someone newer it's now a lot easier to use and not as daunting.
In terms of the advanced features, we do a lot of different regulations - some of the advanced ones, like GDPR, that's a big regulation in the EU. We do a lot of classifications and a lot more rules in our policy base around those regulations, that are advanced.
Looking to the near future, we're looking at some of the cloud features, especially some of the classification they're putting in the cloud, so it's not so much appliance-focused. It will help automate some of that process and make it run a lot more smoothly, because it won't be on Linux appliances in our environment.
Guardium has save us a lot of time, especially with the things it can automate. It has especially saved the DBA's time. We have a lot of other IBM products, so going with this one definitely gives us value, rather than going with another vendor. Senior management is absolutely aware that Guardium has been saving us time and money.
What needs improvement?
I'd like to see a smoother GUI interface for the CAS agent - CAS does configurations on the database - to interface better with the vulnerability assessments.
I'd also like to make sure that the data sources can be more easily managed, because some of them are tied to multiple things. You try to remove one and you have to go to all the different spots to remove the associations before you can get rid of it.
The user groups are really good for giving them feedback. I've seen, over the years, that they take a lot of that customer feedback and they actually implement some of those changes.
What do I think about the stability of the solution?
It's pretty stable. It's like any other software, it has its ups and downs: bugs, or configuration issues or things that weren't built exactly in the best way for customers to use. Obviously, they need that kind of feedback from when it's in the environment. But overall, I think it's pretty stable.
What do I think about the scalability of the solution?
I think it scales pretty well. It can run on most of the database platforms currently out there. That is something we really like as a feature, because we try to hit everything in our environment to make sure we're meeting those regulations.
How are customer service and support?
It's pretty good. Sometimes you have to fight through those first couple of walls to get somebody. But they're there for somebody who may not know how their using the tool, who may not be as advanced, so they don't want those kinds of issues to go to their higher-up staff. But for someone who has been using it for a long time, or knows a lot of the different sets and commands that you need to do for that issue, it's a little give-and-take scenario.
Which solution did I use previously and why did I switch?
The company I work for now had the product when I came in.
In terms of important criteria when selecting a vendor, they include what support is like, how trustworthy the company is, and how they respect their clients.
How was the initial setup?
I wasn't involved in the very initial setup, but it had only been configured for a little while and then I was brought on and helped expand the environment.
For my part, it was pretty complex with what we had in our environment. I made sure we were using the discovery, seeing what we had out there, making sure we're meeting all the regulations that we need to meet. There was also building the reports so the auditors can get the information they need.
What other advice do I have?
I would rate it an eight out of 10. To make it a 10 they would need to do streamlining of some of the agent features, some of the patches, make it a little bit more user-friendly on the documentation.
In terms of advice, I would make sure you do a thorough PoC, that you join the virtual user group that meets once a month, as well as a customer user group that IBM is not involved in, where you can also get some candid questions and answers.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Easy to use.