Try our new research platform with insights from 80,000+ expert users
it_user840906 - PeerSpot reviewer
Senior information security analyst at PFG
Real User
GUI is user-friendly; also interfaces well with REST API if you want to automate commands
Pros and Cons
  • "Our main focus for IBM Guardium is to support security initiatives and compliance policies within our organization. We use the DPD product for monitoring, especially for GDPR, SOX regulations and, of course, the vulnerability assessment that we use to make sure we're keeping up with our patches, making sure things are configured, making sure we're following the best practices."
  • "Accelerators is one of the big functions they have out there. It gives you canned reports that you don't have to make yourself, they're out there by being part of the patch. You just have to fill your information in to some of the already built groups, for your environment, and it automates a lot of that. That has definitely helped improve things."
  • "The most valuable feature is the GUI, the interface. It also interfaces well with REST API, if you want to automate some of the commands."
  • "I think it scales pretty well. It can run on most of the database platforms currently out there. That is something we really like as a feature, because we try to hit everything in our environment to make sure we're meeting those regulations."
  • "I'd like to see a smoother GUI interface for the CAS agent - CAS does configurations on the database - to interface better with the vulnerability assessments."
  • "I'd like to them make sure that the data sources can be more easily managed, because some of them are tied to multiple things. You try to remove one and you have to go to all the different spots to remove the associations before you can get rid of it."
  • "I would like to see streamlining of some of the agent features, some of the patches; make it a little bit more user-friendly on the documentation."

What is our primary use case?

For compliance and risk assessment, monitoring the database traffic, as well as doing vulnerability assessments on the database to make sure that our security is up to par. We use it to keep us less vulnerable as a company as well as to keep the customers' data safe.

So far it has performed really well. Occasionally, we have issues here and there with new patches having bugs, but that's the case with any software.

How has it helped my organization?

It has really helped identify areas that we need to fix. It also identifies, from a compliance standpoint, records we can provide. It shows us just how secure we are overall, as a company, rather than just trying to do things here and there. It helps automate what would take thousands of hours for DBAs to do manually.

Our main focus for IBM Guardium is to support security initiatives and compliance policies within our organization. We use the DPD product for monitoring, especially for GDPR, SOX regulations and, of course, the vulnerability assessment that we use to make sure we're keeping up with our patches, making sure things are configured, making sure we're following the best practices.

Accelerators is one of the big functions they have out there. It gives you canned reports that you don't have to make yourself, they're out there by being part of the patch. You just have to fill your information in to some of the already built groups, for your environment, and it automates a lot of that. That has definitely helped improve things.

We've integrated it with QRadar, our SIEM product from IBM. When you do that integration, you have to make sure you have the right configuration files from both products. There is some online documentation through the IBM support portal which will give you step-by-step instructions. A lot of is pretty easy to follow.

What is most valuable?

The most valuable is the GUI, the interface. It also interfaces well with REST API, if you want to automate some of the commands. 

Inside the GUI they've really done a lot, especially from version 9 to version 10, in how they lay it out and how user-friendly it is. I've been using it for a few years, but for someone newer it's now a lot easier to use and not as daunting.

In terms of the advanced features, we do a lot of different regulations - some of the advanced ones, like GDPR, that's a big regulation in the EU. We do a lot of classifications and a lot more rules in our policy base around those regulations, that are advanced.

Looking to the near future, we're looking at some of the cloud features, especially some of the classification they're putting in the cloud, so it's not so much appliance-focused. It will help automate some of that process and make it run a lot more smoothly, because it won't be on Linux appliances in our environment.

Guardium has save us a lot of time, especially with the things it can automate. It has especially saved the DBA's time. We have a lot of other IBM products, so going with this one definitely gives us value, rather than going with another vendor. Senior management is absolutely aware that Guardium has been saving us time and money.

What needs improvement?

I'd like to see a smoother GUI interface for the CAS agent - CAS does configurations on the database - to interface better with the vulnerability assessments.

I'd also like to make sure that the data sources can be more easily managed, because some of them are tied to multiple things. You try to remove one and you have to go to all the different spots to remove the associations before you can get rid of it.

The user groups are really good for giving them feedback. I've seen, over the years, that they take a lot of that customer feedback and they actually implement some of those changes.

Buyer's Guide
IBM Security Guardium Data Protection
October 2024
Learn what your peers think about IBM Security Guardium Data Protection. Get advice and tips from experienced pros sharing their opinions. Updated: October 2024.
814,649 professionals have used our research since 2012.

What do I think about the stability of the solution?

It's pretty stable. It's like any other software, it has its ups and downs: bugs, or configuration issues or things that weren't built exactly in the best way for customers to use. Obviously, they need that kind of feedback from when it's in the environment. But overall, I think it's pretty stable.

What do I think about the scalability of the solution?

I think it scales pretty well. It can run on most of the database platforms currently out there. That is something we really like as a feature, because we try to hit everything in our environment to make sure we're meeting those regulations.

How are customer service and support?

It's pretty good. Sometimes you have to fight through those first couple of walls to get somebody. But they're there for somebody who may not know how their using the tool, who may not be as advanced, so they don't want those kinds of issues to go to their higher-up staff. But for someone who has been using it for a long time, or knows a lot of the different sets and commands that you need to do for that issue, it's a little give-and-take scenario.

Which solution did I use previously and why did I switch?

The company I work for now had the product when I came in.

In terms of important criteria when selecting a vendor, they include what support is like, how trustworthy the company is, and how they respect their clients.

How was the initial setup?

I wasn't involved in the very initial setup, but it had only been configured for a little while and then I was brought on and helped expand the environment.

For my part, it was pretty complex with what we had in our environment. I made sure we were using the discovery, seeing what we had out there, making sure we're meeting all the regulations that we need to meet. There was also building the reports so the auditors can get the information they need.

What other advice do I have?

I would rate it an eight out of 10. To make it a 10 they would need to do streamlining of some of the agent features, some of the patches, make it a little bit more user-friendly on the documentation.

In terms of advice, I would make sure you do a thorough PoC, that you join the virtual user group that meets once a month, as well as a customer user group that IBM is not involved in, where you can also get some candid questions and answers.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
MUHAMMADNADEEM1 - PeerSpot reviewer
Deputy Director at Board Of Revenue
Real User
Top 10
The tool helps detect invalid login attempts within a specific time frame and provides local support in Pakistan
Pros and Cons
  • "The tool helps detect invalid login attempts within a specific time frame."
  • "The solution lacks control over database security."

What is our primary use case?

We want to avoid unauthorized manipulation of data. We evaluated use cases like database discovery, identification of sensitive data, and installation and configuration of custom policies. We also conducted POC for alerts on DDL and DML commands, activity logs of users, restricted access for specific users, reporting, and dashboarding.

What is most valuable?

The tool helps detect invalid login attempts within a specific time frame.

What needs improvement?

The solution lacks control over database security.

For how long have I used the solution?

Our database team has conducted a POC of the solution with the service provider. We plan to purchase the solution.

How are customer service and support?

The support manager of IBM in Pakistan supported us in onboarding the technical and salespersons. They helped us draft and create the solution for our company. The support was above average.

How would you rate customer service and support?

Positive

What's my experience with pricing, setup cost, and licensing?

The price is average. The tool is not cheap, but it is not expensive. The solution is worth the money.

Which other solutions did I evaluate?

There are other solutions like Imperva, but there are no service providers in Pakistan. We need local support as we need multiple deployments.

What other advice do I have?

Since I have not implemented the product yet, I would give it an average rating. Overall, I rate the product an eight out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
IBM Security Guardium Data Protection
October 2024
Learn what your peers think about IBM Security Guardium Data Protection. Get advice and tips from experienced pros sharing their opinions. Updated: October 2024.
814,649 professionals have used our research since 2012.
Inforomatica tech lead at a tech vendor with 10,001+ employees
Real User
Somewhat outdated with numerous limitations and a problematic UI, although it does protect our data
Pros and Cons
  • "It sends out an immediate alert when there's suspicious activity."
  • "Can't be used for a NoSQL database, which is limiting."

What is our primary use case?

We use this product to protect our information. It provides the added feature of including some protective marking rules on the data. Security is the overall high-level objective for us using this solution. We are customers of IBM and I'm a tech lead.

What is most valuable?

If anyone is trying to access unauthorized data, it sends out an immediate alert to those concerned. 

What needs improvement?

Unfortunately, we're unable to use this solution for a NoSQL database, which is limiting. The UI needs to be improved so that instead of everything coding in the backend, it's coded on the front end. Guardium has limitations so most companies using advanced technologies have stopped using this tool because it doesn't have the capability to identify the PII data in flat files. Most companies are moving towards big data.

For how long have I used the solution?

I've been using this solution for three years. 

What do I think about the stability of the solution?

The product is somewhat outdated, but it's stable.

What do I think about the scalability of the solution?

If you implement it on the cloud, it's scalable. But once you scale the solution, dumping the business rules, establishing the configured profile, and maintaining those profiles is a very tedious process. Rather than a centralized solution, it would be better to have a distributed environment. In that case, different servers and different nodes, with each node having control over some of the applications, would be better. 

How are customer service and support?

The support level is based on your license. There is a seating license based on the number of users and a concurrent license that is unlimited. If you're at L1, the support is very responsive. For L2 and L3 things move more slowly.

How was the initial setup?

The initial setup needs a lot of coordination and effort. It also requires an information security officer to identify the risk levels of the applications. Monitoring requires a dedicated infrastructure team. We carried out the deployment in-house. Implementation time depends on the degree to which you want to scale and what you're using it for. 

Deployment requires admin support, enterprise-level LDAP authentication services, and application leads. Depending on your infrastructure, you may also require an information security officer and security team as well as security engineers.

What's my experience with pricing, setup cost, and licensing?

There are various licensing models. 

What other advice do I have?

This tool works very well with IBM products but not so well with other tools. 

I rate the solution six out of 10. 

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Peter Arabomen - PeerSpot reviewer
Security Engineering, Team Lead at Fidelity Bank Plc
Real User
Top 5
Stable and scalable data activity monitoring application, with an easy setup and competent technical support
Pros and Cons
  • "Easy to set up data activity monitoring solution that provides competent technical support. Scalable, stable, and has good performance."
  • "More automation, user guides, and tips would make this solution better."

What is our primary use case?

IBM Guardium Data Protection is used not just for protecting data, but also for vulnerability protection. We use it to monitor our active users, activity, and databases, to look at the kind of commands users do on the databases.

We also use the solution to restrict unauthorized users from accessing the databases. Apart from restricting unauthorized users from accessing these databases, we also need to have the stability to add the database, then switch to another database.

We can also turn on the blocking feature of IBM Guardium Data Protection to ensure that some IPs are unable to connect to some databases.

What is most valuable?

I like IBM Guardium Data Protection because of its good performance. The resources aren't used up to the detriment of the application. It's robust, and we don't really have any serious downtime on it. The support for the application is also okay.

What needs improvement?

An area for improvement in IBM Guardium Data Protection is automation. I would want it to be more automated, as it runs too much on manual processes. More processes should be automated on the application.

For example: I want a learning environment where IBM Guardium Data Protection can learn the behavior of an environment, e.g. it should be more intelligent, because there is no intelligence yet on the application. It should be able to learn, e.g. you cannot try to block IBM Guardium Data Protection, in general. This is what I want to see: I want to be able to block it, in general.

I want the application to be able to learn, and learn from the environment. IBM should try to bring in more of e-learning to the application. That's another thing that's missing.

What I'd like to see in the next release of IBM Guardium Data Protection is for them to make resources available for the end users to be able to do a self-study, to understand more deeply how the environment works. Having user guides so people can learn more on what the application can do, about its operations, etc. I would like them to occasionally give users tips, e.g. how to do something, how to make your work easy, etc. This is how they can add value, in particular give more value for money, as they give valuable tips, just like how Microsoft does it, for example: "You can use IBM Guardium Data Protection to do this", then they should explain how to do it.

For how long have I used the solution?

We've been using IBM Guardium Data Protection for two years.

What do I think about the stability of the solution?

IBM Guardium Data Protection is a stable application.

What do I think about the scalability of the solution?

IBM Guardium Data Protection is a scalable application.

How are customer service and support?

IBM Guardium Data Protection support is okay. Their response time is fine. They have very competent technicians, and their response is high-level.

How was the initial setup?

The setup for IBM Guardium Data Protection was not that complicated. It was easy.

Which other solutions did I evaluate?

We evaluated Imperva.

What other advice do I have?

We use IBM Guardium Data Protection for our databases. I can't remember the version we're currently using.

I don't think IBM Guardium Data Protection charges you based on the number of users, e.g. they charge based on the number of licenses, and it's either on a per-license or a per-data basis, so I cannot give the number of users currently using the application.

Increasing the usage of IBM Guardium Data Protection depends on the budget. Nobody wants to increase costs, but costs are increasing, so I don't think we plan on increasing usage for the application.

For the deployment of the application, we have the OEM and our technical team in charge.

I'm giving IBM Guardium Data Protection a rating of nine out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Ile Ristov - PeerSpot reviewer
Sales Manager at InTec System
MSP
Top 10
A powerful tool that can be used for the protection and hardening of databases
Pros and Cons
  • "The most valuable feature of the solution for the customers is the monitoring and full log of the database activity of privileged users."
  • "The solution could be improved for NoSQL databases."

What is our primary use case?

Our customers include financial institutions like banks, insurance companies, and government entities that use IBM Security Guardium Data Protection for the protection and hardening of their databases.

What is most valuable?

The most valuable feature of the solution for the customers is the monitoring and full log of the database activity of privileged users. It includes everything happening on the network and locally on the database server.

What needs improvement?

The solution's pricing should be reduced because it is very high. The solution could be improved for NoSQL databases. From the functionality point of view, the solution has almost everything you need for your database. Overall, the product's functionalities align with the customer's needs.

For how long have I used the solution?

I have been using IBM Security Guardium Data Protection for more than ten years.

What do I think about the stability of the solution?

I rate IBM Security Guardium Data Protection a nine out of ten for stability.

What do I think about the scalability of the solution?

Our clients are mostly enterprise businesses.

I rate IBM Security Guardium Data Protection ten out of ten for scalability.

How are customer service and support?

Technical support is always challenging with IBM, but overall it's okay.

How would you rate customer service and support?

Positive

How was the initial setup?

IBM Security Guardium Data Protection is easy to set up and maintain.

What about the implementation team?

Implementing IBM Security Guardium Data Protection takes up to ten days, but the customization and the customer requirement span from one month to six months.

You need to install the product. It's a virtual appliance or a hardware appliance depending on the implementation. When it's set up, the agent must be deployed. Then you have to set the policy. The policy relies on the outcome that the customer wants in the report regarding what has been done with the database and what has been changed.

What's my experience with pricing, setup cost, and licensing?

The solution's pricing was higher before it was acquired. The policy should be for smaller customers to have SMB pricing and for bigger customers to have bigger pricing.

On a scale from one to ten, where one is low price, and ten is very high price, I rate the solution's pricing a nine out of ten.

What other advice do I have?

It is the only solution that can meet the needs of both internal and external audits. It's a very powerful tool that can solve a lot of audit needs.

Overall, I rate IBM Security Guardium Data Protection ten out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Raphael Moore - PeerSpot reviewer
Policy manager at National Grid
Real User
Top 20
Deployment is complex but the tech support is good
Pros and Cons
  • "I think IMB's technical support is good."
  • "Personally, I would not recommend this product."

What is our primary use case?

Our primary use case for IBM Guardium Data Protection is audit logging. We monitor transactions and access particular tables in the database with it. 

What needs improvement?

I would like to see improvements in scalability and easier installation.

For how long have I used the solution?

I have been using IBM Guardium Data Protection for three years. 

What do I think about the scalability of the solution?

Personally, I have not been very involved with IBM Guardium Data Protection for the last couple of years. However, I think we've had some problems scaling it, but I'm not the right person, really, to answer questions about scalability. My understanding is that there has been some frustration with scaling it, but those may be local issues.

How are customer service and support?

I think IMB's technical support is good. 

How was the initial setup?

The installations are complex. They take several days.

What about the implementation team?

We had help from IBM with deployment.

What's my experience with pricing, setup cost, and licensing?

We pay yearly.

Which other solutions did I evaluate?

We initially looked at Oracle's own products, but we had legacy databases so we didn't really have many options. We had old flavors of Oracle in place.

What other advice do I have?

Personally, I would not recommend this product. 

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
IT Security Manager at a healthcare company with 10,001+ employees
Real User
We use it to support security initiatives and combine policies within the organization
Pros and Cons
  • "Our ability to see when users are accessing sensitive data."
  • "We use IBM Guardium to support security initiatives and combine policies within the organization."
  • "The front-end works very well."
  • "Gathering ​the data works very well. ​"
  • "One of the limitations that everyone who uses Guardium knows is its ability for back-end reporting. The ability to collect it sometimes is easier than the ability to retrieve it, use it, or give a good representation of it for incidence response or questions which come from the different people who want to use the data."
  • "Using the data in native Guardium is difficult, at best."

What is our primary use case?

Primarily re-monitoring sensitive data and privilege user access. 

How has it helped my organization?

One of the greatest benefits for using Guardium is our ability to monitor sensitive data. With current policy and GDPR for international, then audited compliance for monitoring access to sensitive data, it is very critical for our industry in healthcare. 

We use IBM Guardium to support security initiatives and combine policies within the organization. We have many initiatives that come up and we have what are called action plans. Guardium comes up in quite a few of them when it gets related to database monitoring and controlling sensitive data. 

IBM Guardium helps us comply with industry regulations, such as GDPR, local US standards, and then the current New York cyber laws, which are very specific about controlling access to data.  

Guardium is integrated for data. It is integrated across our big data, then for cyber security. It is integrated in our security stack. 

What is most valuable?

  • Our ability to see when users are accessing sensitive data. 
  • The front-end works very well. 
  • Gathering the data works very well. 

We are using quite a few of the advanced features. Some of those include some scripting for integration with our other security tools in the environment along with data collection, and the ability to use large data formats for monitoring and information. 

What needs improvement?

One of the limitations that everyone who uses Guardium knows is its ability for back-end reporting. Guardium in and of itself is a big data platform. It creates big data all by itself. The ability to collect it sometimes is easier than the ability to retrieve it, use it, or give a good representation of it for incidence response or questions which come from the different people who want to use the data. 

Then, it goes back to the use of the data. Using the data in native Guardium is difficult, at best. I know there are current advancements. I know they are integrated with jSonar, which used to be a partnership. However, it is now integrated into the company, which is nice, but we are far beyond that. We have already purchased and implemented other solutions, so now we have to go back and retroactively add that, which would be a good addition, but we are just not there today. 

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

Guardium is very stable. The only outages that we have had have been self-induced, which is hard to admit. As a platform, it provides great stability.

What do I think about the scalability of the solution?

Guardium should meet our needs going forward. 

We have only been using Guardium for a short period of time, so we had some growth problems. It is just like growing into your body. Your knees start to hurt after a little while, but once you get through that growth spurt, you get your win and you keep going and you are able to grow and expand. I think the way we have it implemented, we will be able to grow and scale as the organization grows. 

How is customer service and technical support?

We use technical support very frequently. We actually have a weekly call with our sponsor where we go through all of our different support questions. We are on a week-to-week basis where we follow-up with all our questions. We are on the leading edge for Guardium implementations. The version that we are on, it makes us a Fortune Six organization with the current version for all of our data. It requires a lot of support as we grow and mature with the product and with our organization's growth. 

How was the initial setup?

Our initial setup was pretty straightforward because we were just figuring out how it worked. Over the last two years, we have introduced our own complexities to accommodate our requirements. Would I say that it is complex to us today? No. To the average Guardium user? Yes, it would be complex.

Which other solutions did I evaluate?

We did evaluate other vendors. Guardium was a large purchase. We did our due diligence as we were responsible for the purchase process. Guardium won mostly because of our scope and scale. It was able to perform at the scale that we wanted to use it. 

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
reviewer1260978 - PeerSpot reviewer
reviewer1260978Works at a tech services company with 501-1,000 employees
Real User

Easy to use.

PeerSpot user
Operator at Halliburton
Real User
Provides a unified key management system to help simplify encryption key management
Pros and Cons
  • "Efficiency is key and IBM Guardium provides information in a heartbeat, but protects the data with military grade encryption."
  • "Security policy enforcement of policy-based encryption and centralized encryption key management allows us to maintain data in a secure environment."
  • "Provides a unified key management system to help simplify encryption key management."
  • "I would like to see IBM Guardium have other encryption algorithms employed."

What is our primary use case?

To keep track of client information, index security risks, and other information needed at a moments notice. IBM Guardium performs transparent encryption and decryption provides on the fly encryption without needing to be indoctrinated into lengthy training to use it. 

How has it helped my organization?

Efficiency is key and IBM Guardium provides information in a heartbeat, but protects the data with military grade encryption. IBM Guardium is used for file and database security for protecting structured and unstructured data. Security policy enforcement of policy-based encryption and centralized encryption key management allows us to maintain data in a secure environment.

What is most valuable?

IBM Guardium provides a unified key management system to help simplify encryption key management. In a large organization, this is a critical feature and IBM went above and beyond while developing the software. 

What needs improvement?

Personally, I would like to see IBM Guardium have other encryption algorithms employed, such as DES/3DES or TripleDES, Twofish, Blowfish, or IDEA. I especially would like to see Twofish used, since it is a block cipher designed by Counterpane Labs. It was one of the five Advanced Encryption Standard (AES) finalists and is unpatented and open source.

For how long have I used the solution?

Less than one year.

What do I think about the stability of the solution?

No, IBM Guardium is well designed and compatible with Windows-based computers.  

What do I think about the scalability of the solution?

I have not had nor do I know of any such issues. I believe the design of IBM Guardium is perfect for small to large scale settings, and does not reduce accessibility to content with on the fly encryption.

Which solution did I use previously and why did I switch?

No, IBM Guardium was already in use. 

What was our ROI?

Unknown, since I was not involved with the purchase. 

What's my experience with pricing, setup cost, and licensing?

I would suggest to review the type of data, need for security, and if the organizational structure needs the options IBM Guardium provides. 

Which other solutions did I evaluate?

No, there was no need to. 

What other advice do I have?

Put simply, human error is often the downfall of computer security. When using IBM Guardium, or any encryption software for that matter, use common sense: Encrypt data when not in use, watch where you enter in passwords (not at Starbucks in view of security cameras that can be retrieved by an adversary, or the person next to you), and watch out not to inadvertently install spyware while clicking on a random link. 

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
reviewer796830 - PeerSpot reviewer
reviewer796830Network/Data Security Engineer at a tech company with 10,001+ employees
Real User

csrc.nist.gov
Most of the ciphers you ask for should not be used, or are not FIPS 140-2 compliant, can I ask why you want those grade C/D ciphers?
The reasons why they might not be provided are in the above NIST guideline.

Disclaimer: I do not work for IBM Security and therefore do not speak as a vendor or for IBM, for official responses please contact IBM support.

Buyer's Guide
Download our free IBM Security Guardium Data Protection Report and get advice and tips from experienced pros sharing their opinions.
Updated: October 2024
Product Categories
Database Security
Buyer's Guide
Download our free IBM Security Guardium Data Protection Report and get advice and tips from experienced pros sharing their opinions.