Try our new research platform with insights from 80,000+ expert users
PeerSpot user
Solution Architect at a financial services firm with 10,001+ employees
Real User
Ability to define reports based on SQL query, especially when you have complex report criteria.
Pros and Cons
  • "Ability to define reports based on SQL query, especially when you have complex report criteria."
  • "Deployment process is very complicated as you need to now all advanced parameters. Almost not possible to figure out for yourself."

What is most valuable?

* Quick search

* Ability to define reports based on SQL query, especially when you have complex report criteria.

* Stream audit data to 2 collectors simultaneously.

* GIM passive install. You can connect GIM from Colletor or CM when GIM is running in listening mode.

How has it helped my organization?

Can't tell as I did POC only.

What needs improvement?

* First of all. GUI and user experience needs to be reworked from scratch. Product management console look like from 90's.

* Deployment process is very complicated as you need to now all advanced parameters. Almost not possible to figure out for yourself.

* Central Manager (CM) needs rework to. Some configuration params still needs to be done on collectors locally.

* Agent statistics is not available by default. You have to make a report and still you will not see all information like data interface activity.

* Dynamic datasets is rocket science. To make it work you have to build several additional procedure, which make it extremely fragile.

* Audit data is a single block. if you have several policies you can't purge data for specific policy.

* Collectors requires enormous amounts of resources comparing to other products available on the market.

For how long have I used the solution?

a month only to evaluate this product

Buyer's Guide
IBM Security Guardium Data Protection
October 2024
Learn what your peers think about IBM Security Guardium Data Protection. Get advice and tips from experienced pros sharing their opinions. Updated: October 2024.
814,763 professionals have used our research since 2012.

What was my experience with deployment of the solution?

Yes, during the deployment you get nothing out of the box. You have to manually configure everything. Tune parameters for agent, collectors. Agent deployment is very complicated.

What do I think about the stability of the solution?

Yes, scaling the product might be a tricky task as you have to configure parameters locally or collectors or agents.

What do I think about the scalability of the solution?

Product looks easily scalable.

How are customer service and support?

Customer Service:

SMEs that were together with me during the POC were very technical and did understand their product.

Technical Support:

n/a for POC

Which solution did I use previously and why did I switch?

Yes we use Imperva SecureSphere, and still use it as Guardium has failed POC. We were not able to replicate our current deployment and some major issues, Guardium had, prevented us from selecting this product.

How was the initial setup?

It was extremely complex. Without IBM support it would take years for you to setup infrastructure.


What about the implementation team?

Throught the vendor team. These guys were very technical and helped me to understand each steps during the POC

What was our ROI?

n/a

What's my experience with pricing, setup cost, and licensing?

We haven't talked much about pricing and licencing. But it is not cheap for sure

Which other solutions did I evaluate?

We haven't chosen this product.

What other advice do I have?

If you have complicated report requirements which involves very specific filtering and/or aggregation. And you have lots of resources in your virtual platform. Then give it a try.

Also I suggest you take a look at other top grade product like Imperva SecureShere. the reduction in resource requirements is 3 times less and it have plenty of nice features out of the box.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Senior Manager at PT Permata Anugerah Abadi
Real User
Top 5Leaderboard
Provides data protection and efficient technical support services
Pros and Cons
  • "The platform provides data protection from internal and external threats."
  • "There could be a feature to integrate and protect multiple databases. The local support services need improvements as well."

What is our primary use case?

We use the product to permanently protect data from unauthorized user access, malware, and external threats.

What is most valuable?

The platform provides data protection from internal and external threats. It has good features for reporting and integration with other products.

What needs improvement?

There could be a feature to integrate and protect multiple databases. The local support services need improvements as well.

For how long have I used the solution?

We have IBM Security Guardium Data Protection implementation since 2013.

What do I think about the stability of the solution?

The platform has good stability.

What do I think about the scalability of the solution?

We have almost 10,000 IBM Security Guardium Data Protection in our organization. I rate its scalability a nine out of ten.

How are customer service and support?

The technical support team responds quickly. However, there could be a local team to reach out instead of contacting the headquarters.

How was the initial setup?

The initial setup process is straightforward. It can be deployed on-premise and in the cloud. It takes an hour to complete deployment.

What about the implementation team?

We implement the process in-house.

What's my experience with pricing, setup cost, and licensing?

It is not an expensive product. We purchase its yearly license.

What other advice do I have?

I recommend IBM Security Guardium Data Protection and rate it a nine out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
IBM Security Guardium Data Protection
October 2024
Learn what your peers think about IBM Security Guardium Data Protection. Get advice and tips from experienced pros sharing their opinions. Updated: October 2024.
814,763 professionals have used our research since 2012.
CyberSecurity Leader Specialist at KLNCIT
Real User
It lets you centrally manage aggregators and collectors
Pros and Cons
  • "Guardium lets you centrally manage aggregators and collectors."
  • "The documentation could be better."

What is our primary use case?

We use Guardium for large and medium-sized clients in the banking sector for things like monitoring, protecting sensitive data, and logins.

What is most valuable?

Guardium lets you centrally manage aggregators and collectors.

What needs improvement?

The documentation could be better. 

For how long have I used the solution?

I have used Guardium for two or three years.

What do I think about the stability of the solution?

Guardium is stable.

What do I think about the scalability of the solution?

Guardium is scalable.

How are customer service and support?

IBM support is perfect. 

How was the initial setup?

The initial setup isn't complex, and it takes about four or five days depending on your environment.

What's my experience with pricing, setup cost, and licensing?

We pay for a yearly license, and the price is reasonable. 

What other advice do I have?

I rate IBM Guardium Data Protection 10 out of 10. Anyone can understand this product.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
App Mainframe And Storage at a financial services firm with 1,001-5,000 employees
Real User
It's one of the first to encrypt DB2 databases, but the technology needs to mature a little more
Pros and Cons
  • "It's one of the first to encrypt DB2 databases."
  • "It was difficult implementing it, configuring it, getting it up and running and in production. However, since then, I believe it has stabilized."

What is our primary use case?

We acquired Guardium to encrypt certain databases to meet a customer requirement.

It has been performing to spec.

How has it helped my organization?

We use Guardium to support security initiatives and compliance policies within our organization. The encryption meets a requirement. It was a requirement of a customer. I don't think it is a compliance requirement, but it did come through as a request from a prospective client, so we implemented it.

I don't know if this solution has helped us to comply with Industry regulations like SOX, UCI or GDPR. We have not integrated it with other systems we use. I would not say it has saved us time or money.

What is most valuable?

I understand that it's one of the first to encrypt DB2 databases.

I'm not able to answer whether we're using any of the advanced features.

What needs improvement?

This would be a question for one of the technical folks, probably not for me.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

It was difficult implementing it, configuring it, getting it up and running and in production. However, since then, I believe it has stabilized.

What do I think about the scalability of the solution?

We haven't really tested the scalability with it as yet, we're really only encrypting a very small percentage of our data.

How is customer service and technical support?

Technical support is interesting because, when we implemented Guardium, it was a partnership of IBM with the company that, I think, Guardium either partnered with or acquired since then. So, even though support was funneled through IBM, it was actually performed by the third-party software company, and it was difficult and challenging at times. There was a layer of interpretation between IBM and Rocket Software, and sometimes that was helpful and other times not so much.

What other advice do I have?

In terms of advice, I would say allow the technology to mature a little more. I think we were one of the first, if not the first, to implement Guardium. And, like I said before, it was kind of painful, but let the maturation process run it's course. I'd say learn from other people's mistakes or, not so much mistakes, just experiences. Benefit from other peoples' pain, bumps, and bruises.

I rate it seven out of 10 only because it's a unique, niche offering that is not, that I know of, offered elsewhere in the marketplace. It fills a need, which is good. I don't know how prevalent the need is in the marketplace but it's nice to have an offering there that, when needed, you can implement something.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
PeerSpot user
Senior System Administrator IBM Certified Specialist Infosphere Guardium at a financial services firm with 1,001-5,000 employees
Real User
It can provide the logs for the activities performed by the privileged users across the all databases including MSSQL, DB2, Teradata, Oracle Sybase and many more.

What is most valuable?

Database activity monitoring (DAM)

How has it helped my organization?

It can provide the logs for the activities performed by the privileged users across the all databases (MSSQL, DB2, Teradata, Oracle Sybase and many more) which can avoid the internal frauds and keep data secured. It can also alert if any hackers tried to log-in to the databases from failed login alerts.

What needs improvement?

Some improvements were needed in version 9.6, those are covered in version 10 already. If we face any issues or bugs in the product IBM provides the patch on that.

For how long have I used the solution?

Since last 4 years I am working on this project and organisation using this sine seven years

What was my experience with deployment of the solution?

There are very less or minimal issues deployment those might be due to the human error , IBM documented the all steps in details for the deployment and they are available on internet.

What do I think about the stability of the solution?

Yes there was the issue on the high CPU utilisation by Guardium services ,on the database host but IBM has introduce the Guardium service monitoring service(watch dog process) which auto restart the Guardium services when CPU utilisation reach the defined threshold percentage.

What do I think about the scalability of the solution?

If you follow the recommended configuration as per the IBM and correct capacity sizing done there is no issues.

How are customer service and technical support?

Customer Service:

8 out of 10

Technical Support:

8 out of 10

Which solution did I use previously and why did I switch?

NA

How was the initial setup?

Initial setup is very easy to perform . this has only 4 level architecture (Central Manager-->Aggregator-->Collector-->Guardium STAP agent)

What about the implementation team?

we are implementing In-house with help of documents

What's my experience with pricing, setup cost, and licensing?

Little high as compare to other products available in the market but the service provided by vendor is great and there are many additional functionalities as compare to other tools

Which other solutions did I evaluate?

NA

What other advice do I have?

vast product as there are many features of this product to full fill the customer requirements, and less expertise are the there worldwide.

Disclosure: My company has a business relationship with this vendor other than being a customer: I worked for the bank , this is very useful tool to secure the information .
PeerSpot user
Junior Software Engineer at a computer software company with 201-500 employees
Real User
Secure, easy to scale, easy installation, and reliable
Pros and Cons
  • "IBM Guardium Data Protection is very good at keeping your database secure."
  • "It would be helpful, and convenient to improve the Chat support."

What is our primary use case?

We are using this solution for a PoC.

IBM Guardium Data Protection is used to create policies, and rules for database access management.

What is most valuable?

IBM Guardium Data Protection is very good at keeping your database secure.

What needs improvement?

It would be helpful, and convenient to improve the Chat support.

For how long have I used the solution?

I have been using IBM Guardium Data Protection for four months.

What do I think about the stability of the solution?

I have not had any issues with the stability.

What do I think about the scalability of the solution?

IBM Guardium Data Protection is a scalable solution.

Currently, as we are conducting PoCs, I am the only user. We created an in-house environment at my office. It is not yet ready to be used at the commercial level.

How are customer service and technical support?

They have good support when they are opening a case, but when on the Chat, the support is not good.

It would be helpful, and convenient to improve the Chat support.

How was the initial setup?

We had IBM appliances, which made it very easy to add. 

We added it to the virtual machine.

The installation was complete in 20 minutes.

What about the implementation team?

I was able to complete the installation myself.

What's my experience with pricing, setup cost, and licensing?

We are working with the trial version.

Licensing fees are paid on a yearly basis.

I don't have all of the information regarding the pricing, but my understanding is that it is on the high side. 

What other advice do I have?

IBM, in general, is the best. I would recommend this solution to others.

I am not familiar with other products. I only know IBM Guardium.

I would rate IBM Guardium Data Protection a nine out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
it_user844479 - PeerSpot reviewer
People Leader Of Cyber Strategy And Solutions at a insurance company with 10,001+ employees
Real User
We use it to create smarter controls for monitoring data
Pros and Cons
  • "Its ability to find data."
  • "We are using it to do a lot of data discovery from a data classification for structured data."
  • "The tech support is very knowledgeable."
  • "I am struggling getting through to social."

What is our primary use case?

Database monitoring. At the moment, we are using it to do a lot of data discovery from a data classification for structured data.

What is most valuable?

Its ability to find data. Once I find data, I can leverage it to perform specific select statements against PII data and do smarter controls rather than monitoring the entire database. 

What needs improvement?

My only negative thing on Guardium would be it is too smart. I am struggling getting through to social. In an ideal world, I would be able to populate every US zip code and have Guardium find the number, then identify it as a zip code. Right now, I have to pull it down and compare it.

For how long have I used the solution?

Less than one year.

What do I think about the stability of the solution?

It is a stable product. We just finished upgrading to version 10, and had no issues with the upgrade. We are excited about working with the newest version.

What do I think about the scalability of the solution?

It should meet our need going forward as it is a huge product. We have scanned 7000 SQL databases and 1500 Oracle Databases.

How is customer service and technical support?

We have a strong partnership with IBM. Their tech support is very knowledgeable.

How was the initial setup?

The initial setup was before me.

We are doing what we call a reboot of the product. We are calling it the Guardium reboot project. We are starting back with the classifications to understand what controls we are implementing, thus stepping back to step forward. We are doing this because in the beginning we moved forward by getting everything monitored without being smart about what data was monitored.

What about the implementation team?

We implemented the most recent upgrade in-house.

What other advice do I have?

Most important criteria when selecting a vendor: At the end of the day, it would have to be the support and relationship. There are a lot of smart people out there building products which do things. However, not everyone can use them, and without having someone to call, it is sort of its own disadvantage. 

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
it_user842901 - PeerSpot reviewer
Data Architect at a transportation company with 1,001-5,000 employees
Real User
Makes database monitoring more visible to the business, helps with GDPR/SOX compliance
Pros and Cons
  • "It's made database monitoring more visible to the business, creating more conversations about how we should do it better."
  • "Needs nore cloud support."
  • "We've had some issues recently that we're working through, on the agent software that runs on the databases."
  • "Setup can be complex. The documentation is in so many different locations, and a lot of times we have to leverage support and higher level resources to figure out the right steps to take."

What is our primary use case?

Database activity monitoring.

Its performance is good, most of the time.

How has it helped my organization?

The benefit is that it's made database monitoring more visible to the business, creating more conversations about how we should do it better. So it's increased the visibility and discussion.

It also helps us with GDPR and SOX compliance and just looking at specific policies around; protecting sensitive data. 

We haven't integrated it with other systems we use.

In terms of saving us time and money, I'm not sure if Guardium does. I know we spend more time and money to cover monitoring, this is something we didn't do before, so I think it's more about the capabilities it's given us.

What is most valuable?

The architecture and the robustness of the data it produces.

Regarding advanced features, I'm using enforcement in the policies. In the future I would like to do more classification. 

What needs improvement?

More cloud support. 

What do I think about the stability of the solution?

For the most part, it's pretty stable. We've had some issues recently that we're working through, on the agent software that runs on the databases.

What do I think about the scalability of the solution?

The scalability is good.

How is customer service and technical support?

I would say tech support is about a seven out of 10.

How was the initial setup?

It can be complex. The documentation is in so many different locations, and a lot of times we have to leverage support and higher level resources to figure out the right steps to take.

What other advice do I have?

Our most important criteria when selecting a vendor are stability and architecture.

I rate this solution a nine out of 10 because there are a few things I'm working through that I would like to see improved, mostly around the stability on the agent software side, working with the database vendors.

Regarding advice, I would recommend you use it and that you try to leverage IBM's support and services as much as possible to help get through the initial installation and configuration.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Download our free IBM Security Guardium Data Protection Report and get advice and tips from experienced pros sharing their opinions.
Updated: October 2024
Product Categories
Database Security
Buyer's Guide
Download our free IBM Security Guardium Data Protection Report and get advice and tips from experienced pros sharing their opinions.