IBM Security Guardium Data Protection Reviews

For compliance and risk assessment, monitoring the database traffic, as well as doing vulnerability assessments on the database to make sure that our security is up to par. We use it to keep us less vulnerable as a company as well as to keep the customers' data safe.

So far it has performed really well. Occasionally, we have issues here and there with new patches having bugs, but that's the case with any software.

It has really helped identify areas that we need to fix. It also identifies, from a compliance standpoint, records we can provide. It shows us just how secure we are overall, as a company, rather than just trying to do things here and there. It helps automate what would take thousands of hours for DBAs to do manually.

Our main focus for IBM Guardium is to support security initiatives and compliance policies within our organization. We use the DPD product for monitoring, especially for GDPR, SOX regulations and, of course, the vulnerability assessment that we use to make sure we're keeping up with our patches, making sure things are configured, making sure we're following the best practices.

Accelerators is one of the big functions they have out there. It gives you canned reports that you don't have to make yourself, they're out there by being part of the patch. You just have to fill your information in to some of the already built groups, for your environment, and it automates a lot of that. That has definitely helped improve things.

We've integrated it with QRadar, our SIEM product from IBM. When you do that integration, you have to make sure you have the right configuration files from both products. There is some online documentation through the IBM support portal which will give you step-by-step instructions. A lot of is pretty easy to follow.

The most valuable is the GUI, the interface. It also interfaces well with REST API, if you want to automate some of the commands. 

Inside the GUI they've really done a lot, especially from version 9 to version 10, in how they lay it out and how user-friendly it is. I've been using it for a few years, but for someone newer it's now a lot easier to use and not as daunting.

In terms of the advanced features, we do a lot of different regulations - some of the advanced ones, like GDPR, that's a big regulation in the EU. We do a lot of classifications and a lot more rules in our policy base around those regulations, that are advanced.

Looking to the near future, we're looking at some of the cloud features, especially some of the classification they're putting in the cloud, so it's not so much appliance-focused. It will help automate some of that process and make it run a lot more smoothly, because it won't be on Linux appliances in our environment.

Guardium has save us a lot of time, especially with the things it can automate. It has especially saved the DBA's time. We have a lot of other IBM products, so going with this one definitely gives us value, rather than going with another vendor. Senior management is absolutely aware that Guardium has been saving us time and money.

I'd like to see a smoother GUI interface for the CAS agent - CAS does configurations on the database - to interface better with the vulnerability assessments.

I'd also like to make sure that the data sources can be more easily managed, because some of them are tied to multiple things. You try to remove one and you have to go to all the different spots to remove the associations before you can get rid of it.

The user groups are really good for giving them feedback. I've seen, over the years, that they take a lot of that customer feedback and they actually implement some of those changes.

It's pretty stable. It's like any other software, it has its ups and downs: bugs, or configuration issues or things that weren't built exactly in the best way for customers to use. Obviously, they need that kind of feedback from when it's in the environment. But overall, I think it's pretty stable.

I think it scales pretty well. It can run on most of the database platforms currently out there. That is something we really like as a feature, because we try to hit everything in our environment to make sure we're meeting those regulations.

It's pretty good. Sometimes you have to fight through those first couple of walls to get somebody. But they're there for somebody who may not know how their using the tool, who may not be as advanced, so they don't want those kinds of issues to go to their higher-up staff. But for someone who has been using it for a long time, or knows a lot of the different sets and commands that you need to do for that issue, it's a little give-and-take scenario.

The company I work for now had the product when I came in.

In terms of important criteria when selecting a vendor, they include what support is like, how trustworthy the company is, and how they respect their clients.

I wasn't involved in the very initial setup, but it had only been configured for a little while and then I was brought on and helped expand the environment.

For my part, it was pretty complex with what we had in our environment. I made sure we were using the discovery, seeing what we had out there, making sure we're meeting all the regulations that we need to meet. There was also building the reports so the auditors can get the information they need.

I would rate it an eight out of 10. To make it a 10 they would need to do streamlining of some of the agent features, some of the patches, make it a little bit more user-friendly on the documentation.

In terms of advice, I would make sure you do a thorough PoC, that you join the virtual user group that meets once a month, as well as a customer user group that IBM is not involved in, where you can also get some candid questions and answers.

We want to avoid unauthorized manipulation of data. We evaluated use cases like database discovery, identification of sensitive data, and installation and configuration of custom policies. We also conducted POC for alerts on DDL and DML commands, activity logs of users, restricted access for specific users, reporting, and dashboarding.

The tool helps detect invalid login attempts within a specific time frame.

The solution lacks control over database security.

Our database team has conducted a POC of the solution with the service provider. We plan to purchase the solution.

The support manager of IBM in Pakistan supported us in onboarding the technical and salespersons. They helped us draft and create the solution for our company. The support was above average.

Positive

The price is average. The tool is not cheap, but it is not expensive. The solution is worth the money.

There are other solutions like Imperva, but there are no service providers in Pakistan. We need local support as we need multiple deployments.

Since I have not implemented the product yet, I would give it an average rating. Overall, I rate the product an eight out of ten.

We use this product to protect our information. It provides the added feature of including some protective marking rules on the data. Security is the overall high-level objective for us using this solution. We are customers of IBM and I'm a tech lead.

If anyone is trying to access unauthorized data, it sends out an immediate alert to those concerned. 

Unfortunately, we're unable to use this solution for a NoSQL database, which is limiting. The UI needs to be improved so that instead of everything coding in the backend, it's coded on the front end. Guardium has limitations so most companies using advanced technologies have stopped using this tool because it doesn't have the capability to identify the PII data in flat files. Most companies are moving towards big data.

I've been using this solution for three years. 

The product is somewhat outdated, but it's stable.

If you implement it on the cloud, it's scalable. But once you scale the solution, dumping the business rules, establishing the configured profile, and maintaining those profiles is a very tedious process. Rather than a centralized solution, it would be better to have a distributed environment. In that case, different servers and different nodes, with each node having control over some of the applications, would be better. 

The support level is based on your license. There is a seating license based on the number of users and a concurrent license that is unlimited. If you're at L1, the support is very responsive. For L2 and L3 things move more slowly.

The initial setup needs a lot of coordination and effort. It also requires an information security officer to identify the risk levels of the applications. Monitoring requires a dedicated infrastructure team. We carried out the deployment in-house. Implementation time depends on the degree to which you want to scale and what you're using it for. 

Deployment requires admin support, enterprise-level LDAP authentication services, and application leads. Depending on your infrastructure, you may also require an information security officer and security team as well as security engineers.

There are various licensing models. 

This tool works very well with IBM products but not so well with other tools. 

I rate the solution six out of 10. 

IBM Guardium Data Protection is used not just for protecting data, but also for vulnerability protection. We use it to monitor our active users, activity, and databases, to look at the kind of commands users do on the databases.

We also use the solution to restrict unauthorized users from accessing the databases. Apart from restricting unauthorized users from accessing these databases, we also need to have the stability to add the database, then switch to another database.

We can also turn on the blocking feature of IBM Guardium Data Protection to ensure that some IPs are unable to connect to some databases.

I like IBM Guardium Data Protection because of its good performance. The resources aren't used up to the detriment of the application. It's robust, and we don't really have any serious downtime on it. The support for the application is also okay.

An area for improvement in IBM Guardium Data Protection is automation. I would want it to be more automated, as it runs too much on manual processes. More processes should be automated on the application.

For example: I want a learning environment where IBM Guardium Data Protection can learn the behavior of an environment, e.g. it should be more intelligent, because there is no intelligence yet on the application. It should be able to learn, e.g. you cannot try to block IBM Guardium Data Protection, in general. This is what I want to see: I want to be able to block it, in general.

I want the application to be able to learn, and learn from the environment. IBM should try to bring in more of e-learning to the application. That's another thing that's missing.

What I'd like to see in the next release of IBM Guardium Data Protection is for them to make resources available for the end users to be able to do a self-study, to understand more deeply how the environment works. Having user guides so people can learn more on what the application can do, about its operations, etc. I would like them to occasionally give users tips, e.g. how to do something, how to make your work easy, etc. This is how they can add value, in particular give more value for money, as they give valuable tips, just like how Microsoft does it, for example: "You can use IBM Guardium Data Protection to do this", then they should explain how to do it.

We've been using IBM Guardium Data Protection for two years.

IBM Guardium Data Protection is a stable application.

IBM Guardium Data Protection is a scalable application.

IBM Guardium Data Protection support is okay. Their response time is fine. They have very competent technicians, and their response is high-level.

The setup for IBM Guardium Data Protection was not that complicated. It was easy.

We evaluated Imperva.

We use IBM Guardium Data Protection for our databases. I can't remember the version we're currently using.

I don't think IBM Guardium Data Protection charges you based on the number of users, e.g. they charge based on the number of licenses, and it's either on a per-license or a per-data basis, so I cannot give the number of users currently using the application.

Increasing the usage of IBM Guardium Data Protection depends on the budget. Nobody wants to increase costs, but costs are increasing, so I don't think we plan on increasing usage for the application.

For the deployment of the application, we have the OEM and our technical team in charge.

I'm giving IBM Guardium Data Protection a rating of nine out of ten.

Our customers include financial institutions like banks, insurance companies, and government entities that use IBM Security Guardium Data Protection for the protection and hardening of their databases.

The most valuable feature of the solution for the customers is the monitoring and full log of the database activity of privileged users. It includes everything happening on the network and locally on the database server.

The solution's pricing should be reduced because it is very high. The solution could be improved for NoSQL databases. From the functionality point of view, the solution has almost everything you need for your database. Overall, the product's functionalities align with the customer's needs.

I have been using IBM Security Guardium Data Protection for more than ten years.

I rate IBM Security Guardium Data Protection a nine out of ten for stability.

Our clients are mostly enterprise businesses.

I rate IBM Security Guardium Data Protection ten out of ten for scalability.

Technical support is always challenging with IBM, but overall it's okay.

Positive

IBM Security Guardium Data Protection is easy to set up and maintain.

Implementing IBM Security Guardium Data Protection takes up to ten days, but the customization and the customer requirement span from one month to six months.

You need to install the product. It's a virtual appliance or a hardware appliance depending on the implementation. When it's set up, the agent must be deployed. Then you have to set the policy. The policy relies on the outcome that the customer wants in the report regarding what has been done with the database and what has been changed.

The solution's pricing was higher before it was acquired. The policy should be for smaller customers to have SMB pricing and for bigger customers to have bigger pricing.

On a scale from one to ten, where one is low price, and ten is very high price, I rate the solution's pricing a nine out of ten.

It is the only solution that can meet the needs of both internal and external audits. It's a very powerful tool that can solve a lot of audit needs.

Overall, I rate IBM Security Guardium Data Protection ten out of ten.

Our primary use case for IBM Guardium Data Protection is audit logging. We monitor transactions and access particular tables in the database with it. 

I would like to see improvements in scalability and easier installation.

I have been using IBM Guardium Data Protection for three years. 

Personally, I have not been very involved with IBM Guardium Data Protection for the last couple of years. However, I think we've had some problems scaling it, but I'm not the right person, really, to answer questions about scalability. My understanding is that there has been some frustration with scaling it, but those may be local issues.

I think IMB's technical support is good. 

The installations are complex. They take several days.

We had help from IBM with deployment.

We pay yearly.

We initially looked at Oracle's own products, but we had legacy databases so we didn't really have many options. We had old flavors of Oracle in place.

Personally, I would not recommend this product. 

Primarily re-monitoring sensitive data and privilege user access. 

One of the greatest benefits for using Guardium is our ability to monitor sensitive data. With current policy and GDPR for international, then audited compliance for monitoring access to sensitive data, it is very critical for our industry in healthcare. 

We use IBM Guardium to support security initiatives and combine policies within the organization. We have many initiatives that come up and we have what are called action plans. Guardium comes up in quite a few of them when it gets related to database monitoring and controlling sensitive data. 

IBM Guardium helps us comply with industry regulations, such as GDPR, local US standards, and then the current New York cyber laws, which are very specific about controlling access to data.  

Guardium is integrated for data. It is integrated across our big data, then for cyber security. It is integrated in our security stack. 

• Our ability to see when users are accessing sensitive data. 
• The front-end works very well. 
• Gathering the data works very well. 

We are using quite a few of the advanced features. Some of those include some scripting for integration with our other security tools in the environment along with data collection, and the ability to use large data formats for monitoring and information. 

One of the limitations that everyone who uses Guardium knows is its ability for back-end reporting. Guardium in and of itself is a big data platform. It creates big data all by itself. The ability to collect it sometimes is easier than the ability to retrieve it, use it, or give a good representation of it for incidence response or questions which come from the different people who want to use the data. 

Then, it goes back to the use of the data. Using the data in native Guardium is difficult, at best. I know there are current advancements. I know they are integrated with jSonar, which used to be a partnership. However, it is now integrated into the company, which is nice, but we are far beyond that. We have already purchased and implemented other solutions, so now we have to go back and retroactively add that, which would be a good addition, but we are just not there today. 

Guardium is very stable. The only outages that we have had have been self-induced, which is hard to admit. As a platform, it provides great stability.

Guardium should meet our needs going forward. 

We have only been using Guardium for a short period of time, so we had some growth problems. It is just like growing into your body. Your knees start to hurt after a little while, but once you get through that growth spurt, you get your win and you keep going and you are able to grow and expand. I think the way we have it implemented, we will be able to grow and scale as the organization grows. 

We use technical support very frequently. We actually have a weekly call with our sponsor where we go through all of our different support questions. We are on a week-to-week basis where we follow-up with all our questions. We are on the leading edge for Guardium implementations. The version that we are on, it makes us a Fortune Six organization with the current version for all of our data. It requires a lot of support as we grow and mature with the product and with our organization's growth. 

Our initial setup was pretty straightforward because we were just figuring out how it worked. Over the last two years, we have introduced our own complexities to accommodate our requirements. Would I say that it is complex to us today? No. To the average Guardium user? Yes, it would be complex.

We did evaluate other vendors. Guardium was a large purchase. We did our due diligence as we were responsible for the purchase process. Guardium won mostly because of our scope and scale. It was able to perform at the scale that we wanted to use it. 

To keep track of client information, index security risks, and other information needed at a moments notice. IBM Guardium performs transparent encryption and decryption provides on the fly encryption without needing to be indoctrinated into lengthy training to use it. 

Efficiency is key and IBM Guardium provides information in a heartbeat, but protects the data with military grade encryption. IBM Guardium is used for file and database security for protecting structured and unstructured data. Security policy enforcement of policy-based encryption and centralized encryption key management allows us to maintain data in a secure environment.

IBM Guardium provides a unified key management system to help simplify encryption key management. In a large organization, this is a critical feature and IBM went above and beyond while developing the software. 

Personally, I would like to see IBM Guardium have other encryption algorithms employed, such as DES/3DES or TripleDES, Twofish, Blowfish, or IDEA. I especially would like to see Twofish used, since it is a block cipher designed by Counterpane Labs. It was one of the five Advanced Encryption Standard (AES) finalists and is unpatented and open source.

No, IBM Guardium is well designed and compatible with Windows-based computers.  

I have not had nor do I know of any such issues. I believe the design of IBM Guardium is perfect for small to large scale settings, and does not reduce accessibility to content with on the fly encryption.

No, IBM Guardium was already in use. 

Unknown, since I was not involved with the purchase. 

I would suggest to review the type of data, need for security, and if the organizational structure needs the options IBM Guardium provides. 

No, there was no need to. 

Put simply, human error is often the downfall of computer security. When using IBM Guardium, or any encryption software for that matter, use common sense: Encrypt data when not in use, watch where you enter in passwords (not at Starbucks in view of security cameras that can be retrieved by an adversary, or the person next to you), and watch out not to inadvertently install spyware while clicking on a random link.