IBM Security Guardium Data Protection Reviews

Our primary use case for IBM Guardium Data Protection is audit logging. We monitor transactions and access particular tables in the database with it. 

I would like to see improvements in scalability and easier installation.

I have been using IBM Guardium Data Protection for three years. 

Personally, I have not been very involved with IBM Guardium Data Protection for the last couple of years. However, I think we've had some problems scaling it, but I'm not the right person, really, to answer questions about scalability. My understanding is that there has been some frustration with scaling it, but those may be local issues.

I think IMB's technical support is good. 

The installations are complex. They take several days.

We had help from IBM with deployment.

We pay yearly.

We initially looked at Oracle's own products, but we had legacy databases so we didn't really have many options. We had old flavors of Oracle in place.

Personally, I would not recommend this product. 

The primary use case for most of our customers is for monitoring and compliance. It's mostly deployed on-premises and it's a database activity monitoring solution. 

The most valuable features have been how easy it is to deploy and use, as well as the comprehensive monitoring options. These are a few things that customers like most about this product. 

The analysis part of this product could be improved. It's a very comprehensive product, so the features it has complement customer requirements. But I would like to see more emphasis on analytics, and it would be great if they added machine learning. They already have analysis insights, but a comprehensive analytical feature that's already incorporated into the solution would be very helpful. 

I have been working with IBM Guardium for the past 10 years. 

This solution is stable and reliable. 

This solution is scalable. That's one of the missions of this product—it can scale. 

I think technical support is generally helpful, but it depends on the situation and the complexity of the problem. Most of the time, we resolve customers' issues ourselves, but technical support is helpful whenever I do require their help. 

Most of the time, the deployment process is straightforward. There is a specific process which isn't too complicated or difficult. The amount of maintenance that will be required depends on the deployment. When we set up the solution, we usually try to optimize it so that it requires little maintenance. 

My company provides implementation services to customers. 

Guardium is most suitable for large scale enterprises because the pricing model is better if you are implementing a large number of databases. It may be suited to medium enterprises, but to a lesser extent. It depends on customer requirements, but it's best suited to large companies because of affordability. 

I have experience with Oracle Audit Vault and Imperva SecureSphere Database Security, which are the two main competitors. If you compare Guardium with Audit Vault, the main differences are in the deployment model, how they work, and the focus of each product with regard to monitoring. Audit Vault has a different deployment method. Imperva is more similar to Guardium. 

If you are looking to implement Guardium, you first need to understand your requirements. The objective of these database and security monitoring solutions is for compliance and auditing. You want a solution that will monitor everything, but the main objective is to monitor the right areas or the key parts of the area that should be monitored. This is the one thing customers should consider before choosing any database or similar solution. 

We have good relationships with our customers, so whenever they're looking for a solution, we try to partner with them and align them with a product that will meet their needs. Usually when we go with this product, we go with SQL first, then go for integration deployment. Our recommendations are based on customer requirements. Even if it's a good product, it may not be a good fit for the customer. 

I would rate this product an eight out of ten, just because there's always room for improvement. 

Our primary use case of this product is for privileged database activity monitoring. We are customers of IBM and I'm the DBA.

We use the GBDI feature which is very helpful for our needs. The centralization of data is probably the most valuable feature because we span multiple database technologies. 

In general, I find the solution a little complicated to use. Another problem is that we have  encrypted traffic on Oracle and it requires a database outage. That's creates problems because you're monitoring critical systems and they don't like outages.

The solution has been pretty stable for us. 

Our environment is pretty small for scalability purposes, so scalability is not relevant. In terms of the collectors agency, you can always add them. From that perspective, it's scalable, but it introduces more complexity because the more collectors you have, the more management is required. We don't allow people to connect and use self-service. We produce reports for the application teams from the tool ourselves, which is why we only have around 15 users involved in deployment, maintenance and reporting.

The professional services we initially received were really good. Technical support has been okay; it's not outstanding, but it hasn't been too bad either.

The initial setup is quite complex so we used IBM professional services for implementation. We're still in the process of deploying, it's taking a while. That doesn't reflect on the solution; we're very lean with staff and I think that's probably the issue.

If I were choosing a solution now, I would probably look at Imperva and Insights, and go the agentless route, rather than deal with collectors. They still have them with the new system, but they're a little lighter weight. From a manageability perspective, from a scalability perspective, in terms of supporting model databases, they seem to be more viable solutions moving forward.

I rate this solution an eight out of 10. 

We use the product to permanently protect data from unauthorized user access, malware, and external threats.

The platform provides data protection from internal and external threats. It has good features for reporting and integration with other products.

There could be a feature to integrate and protect multiple databases. The local support services need improvements as well.

We have IBM Security Guardium Data Protection implementation since 2013.

The platform has good stability.

We have almost 10,000 IBM Security Guardium Data Protection in our organization. I rate its scalability a nine out of ten.

The technical support team responds quickly. However, there could be a local team to reach out instead of contacting the headquarters.

The initial setup process is straightforward. It can be deployed on-premise and in the cloud. It takes an hour to complete deployment.

We implement the process in-house.

It is not an expensive product. We purchase its yearly license.

I recommend IBM Security Guardium Data Protection and rate it a nine out of ten.

Our primary use case is for managing and monitoring the database in real time.

The most valuable feature I have found is the performance of client monitoring. The other competitors are unable to do this.

I would like to see AI and machine learning added in the future.

I have been working with IBM Security Guardium Data Protection for two years. 

We have found the stability is very good.

All that is necessary for scaling IBM Security Guardium Data Protection is to purchase a license. We have a lot of customers since we are in the finance industry in Vietnam.

We have excellent technical support in-country and out of the country.

The initial setup is straightforward and takes a short time to install.

The price is good for the quality of the solution.

I would rate IBM Security Guardium Data Protection an eight out of ten.

We use Guardium for large and medium-sized clients in the banking sector for things like monitoring, protecting sensitive data, and logins.

Guardium lets you centrally manage aggregators and collectors.

The documentation could be better. 

I have used Guardium for two or three years.

Guardium is stable.

Guardium is scalable.

IBM support is perfect. 

The initial setup isn't complex, and it takes about four or five days depending on your environment.

We pay for a yearly license, and the price is reasonable. 

I rate IBM Guardium Data Protection 10 out of 10. Anyone can understand this product.

We use IBM Guardium Data Protection mostly for data masking and firewalling. We restrict the administrators and other users from altering or deleting anything from the databases.

There are different modules but the most valuable ones are firewalling and masking. Additionally, the auditing of the entire database is helpful, which includes all the activity of the database users and administrators. We can monitor everything and log as well.

If IBM Guardium Data Protection could find a way to not have a lot of coding and development required to get the solution up and running it would be an advantage. The information of the agent could improve, which is necessary for us to monitor the databases would be a great benefit.

I have used IBM Guardium Data Protection within the last 12 months.

The solution is quite stable compared to the other solutions that we have worked with. However, it requires a lot of development, or it requires a lot of effort to make it deployable in a customer location, which makes it very difficult.

IBM Guardium Data Protection is scalable.

The solution is good and stable but you need some manual efforts in terms of development and programming or coding to get the solution up and running, which does make it a bit challenging if you don't have a large team.

I rate IBM Guardium Data Protection a seven out of ten.

My primary use of this solution is for database activity monitoring.

The most valuable features of this product are activity monitoring on the database servers, discovery capabilities, and vulnerability scanning.

An area for improvement would be the user interface - currently, it takes around two to three months to become comfortable using it. In the next release, I would like to see more integration with other vault vendors.

I've been using this solution for five years.

The product is stable - during my time using it, I have not had any crash problems with the servers, and I haven't needed to do any restarts.

I haven't had any problems with the global and local support for this product.

The initial setup was basic and easy and didn't take much time.

The cost of this product is reasonable but could be lowered to a more competitive level.

Guardiam's accountability is good - by design, it doesn't give any root privilege to customers, which means we don't have highly important privilege for access to Guardiam. They use only a user level, so kernel-level users are prohibited, which means there aren't any accidental effects from the customer side. I would rate this solution as eight out of ten.