IBM Security Guardium Data Protection Reviews

* Quick search

* Ability to define reports based on SQL query, especially when you have complex report criteria.

* Stream audit data to 2 collectors simultaneously.

* GIM passive install. You can connect GIM from Colletor or CM when GIM is running in listening mode.

Can't tell as I did POC only.

* First of all. GUI and user experience needs to be reworked from scratch. Product management console look like from 90's.

* Deployment process is very complicated as you need to now all advanced parameters. Almost not possible to figure out for yourself.

* Central Manager (CM) needs rework to. Some configuration params still needs to be done on collectors locally.

* Agent statistics is not available by default. You have to make a report and still you will not see all information like data interface activity.

* Dynamic datasets is rocket science. To make it work you have to build several additional procedure, which make it extremely fragile.

* Audit data is a single block. if you have several policies you can't purge data for specific policy.

* Collectors requires enormous amounts of resources comparing to other products available on the market.

a month only to evaluate this product

Yes, during the deployment you get nothing out of the box. You have to manually configure everything. Tune parameters for agent, collectors. Agent deployment is very complicated.

Yes, scaling the product might be a tricky task as you have to configure parameters locally or collectors or agents.

Product looks easily scalable.

SMEs that were together with me during the POC were very technical and did understand their product.

n/a for POC

Yes we use Imperva SecureSphere, and still use it as Guardium has failed POC. We were not able to replicate our current deployment and some major issues, Guardium had, prevented us from selecting this product.

It was extremely complex. Without IBM support it would take years for you to setup infrastructure.

Throught the vendor team. These guys were very technical and helped me to understand each steps during the POC

n/a

We haven't talked much about pricing and licencing. But it is not cheap for sure

We haven't chosen this product.

If you have complicated report requirements which involves very specific filtering and/or aggregation. And you have lots of resources in your virtual platform. Then give it a try.

Also I suggest you take a look at other top grade product like Imperva SecureShere. the reduction in resource requirements is 3 times less and it have plenty of nice features out of the box.

We use the product to permanently protect data from unauthorized user access, malware, and external threats.

The platform provides data protection from internal and external threats. It has good features for reporting and integration with other products.

There could be a feature to integrate and protect multiple databases. The local support services need improvements as well.

We have IBM Security Guardium Data Protection implementation since 2013.

The platform has good stability.

We have almost 10,000 IBM Security Guardium Data Protection in our organization. I rate its scalability a nine out of ten.

The technical support team responds quickly. However, there could be a local team to reach out instead of contacting the headquarters.

The initial setup process is straightforward. It can be deployed on-premise and in the cloud. It takes an hour to complete deployment.

We implement the process in-house.

It is not an expensive product. We purchase its yearly license.

I recommend IBM Security Guardium Data Protection and rate it a nine out of ten.

We use Guardium for large and medium-sized clients in the banking sector for things like monitoring, protecting sensitive data, and logins.

Guardium lets you centrally manage aggregators and collectors.

The documentation could be better. 

I have used Guardium for two or three years.

Guardium is stable.

Guardium is scalable.

IBM support is perfect. 

The initial setup isn't complex, and it takes about four or five days depending on your environment.

We pay for a yearly license, and the price is reasonable. 

I rate IBM Guardium Data Protection 10 out of 10. Anyone can understand this product.

We acquired Guardium to encrypt certain databases to meet a customer requirement.

It has been performing to spec.

We use Guardium to support security initiatives and compliance policies within our organization. The encryption meets a requirement. It was a requirement of a customer. I don't think it is a compliance requirement, but it did come through as a request from a prospective client, so we implemented it.

I don't know if this solution has helped us to comply with Industry regulations like SOX, UCI or GDPR. We have not integrated it with other systems we use. I would not say it has saved us time or money.

I understand that it's one of the first to encrypt DB2 databases.

I'm not able to answer whether we're using any of the advanced features.

This would be a question for one of the technical folks, probably not for me.

It was difficult implementing it, configuring it, getting it up and running and in production. However, since then, I believe it has stabilized.

We haven't really tested the scalability with it as yet, we're really only encrypting a very small percentage of our data.

Technical support is interesting because, when we implemented Guardium, it was a partnership of IBM with the company that, I think, Guardium either partnered with or acquired since then. So, even though support was funneled through IBM, it was actually performed by the third-party software company, and it was difficult and challenging at times. There was a layer of interpretation between IBM and Rocket Software, and sometimes that was helpful and other times not so much.

In terms of advice, I would say allow the technology to mature a little more. I think we were one of the first, if not the first, to implement Guardium. And, like I said before, it was kind of painful, but let the maturation process run it's course. I'd say learn from other people's mistakes or, not so much mistakes, just experiences. Benefit from other peoples' pain, bumps, and bruises.

I rate it seven out of 10 only because it's a unique, niche offering that is not, that I know of, offered elsewhere in the marketplace. It fills a need, which is good. I don't know how prevalent the need is in the marketplace but it's nice to have an offering there that, when needed, you can implement something.

Database activity monitoring (DAM)

It can provide the logs for the activities performed by the privileged users across the all databases (MSSQL, DB2, Teradata, Oracle Sybase and many more) which can avoid the internal frauds and keep data secured. It can also alert if any hackers tried to log-in to the databases from failed login alerts.

Some improvements were needed in version 9.6, those are covered in version 10 already. If we face any issues or bugs in the product IBM provides the patch on that.

Since last 4 years I am working on this project and organisation using this sine seven years

There are very less or minimal issues deployment those might be due to the human error , IBM documented the all steps in details for the deployment and they are available on internet.

Yes there was the issue on the high CPU utilisation by Guardium services ,on the database host but IBM has introduce the Guardium service monitoring service(watch dog process) which auto restart the Guardium services when CPU utilisation reach the defined threshold percentage.

If you follow the recommended configuration as per the IBM and correct capacity sizing done there is no issues.

8 out of 10

8 out of 10

NA

Initial setup is very easy to perform . this has only 4 level architecture (Central Manager-->Aggregator-->Collector-->Guardium STAP agent)

we are implementing In-house with help of documents

Little high as compare to other products available in the market but the service provided by vendor is great and there are many additional functionalities as compare to other tools

NA

vast product as there are many features of this product to full fill the customer requirements, and less expertise are the there worldwide.

We are using this solution for a PoC.

IBM Guardium Data Protection is used to create policies, and rules for database access management.

IBM Guardium Data Protection is very good at keeping your database secure.

It would be helpful, and convenient to improve the Chat support.

I have been using IBM Guardium Data Protection for four months.

I have not had any issues with the stability.

IBM Guardium Data Protection is a scalable solution.

Currently, as we are conducting PoCs, I am the only user. We created an in-house environment at my office. It is not yet ready to be used at the commercial level.

They have good support when they are opening a case, but when on the Chat, the support is not good.

It would be helpful, and convenient to improve the Chat support.

We had IBM appliances, which made it very easy to add. 

We added it to the virtual machine.

The installation was complete in 20 minutes.

I was able to complete the installation myself.

We are working with the trial version.

Licensing fees are paid on a yearly basis.

I don't have all of the information regarding the pricing, but my understanding is that it is on the high side. 

IBM, in general, is the best. I would recommend this solution to others.

I am not familiar with other products. I only know IBM Guardium.

I would rate IBM Guardium Data Protection a nine out of ten.

Database monitoring. At the moment, we are using it to do a lot of data discovery from a data classification for structured data.

Its ability to find data. Once I find data, I can leverage it to perform specific select statements against PII data and do smarter controls rather than monitoring the entire database. 

My only negative thing on Guardium would be it is too smart. I am struggling getting through to social. In an ideal world, I would be able to populate every US zip code and have Guardium find the number, then identify it as a zip code. Right now, I have to pull it down and compare it.

It is a stable product. We just finished upgrading to version 10, and had no issues with the upgrade. We are excited about working with the newest version.

It should meet our need going forward as it is a huge product. We have scanned 7000 SQL databases and 1500 Oracle Databases.

We have a strong partnership with IBM. Their tech support is very knowledgeable.

The initial setup was before me.

We are doing what we call a reboot of the product. We are calling it the Guardium reboot project. We are starting back with the classifications to understand what controls we are implementing, thus stepping back to step forward. We are doing this because in the beginning we moved forward by getting everything monitored without being smart about what data was monitored.

We implemented the most recent upgrade in-house.

Most important criteria when selecting a vendor: At the end of the day, it would have to be the support and relationship. There are a lot of smart people out there building products which do things. However, not everyone can use them, and without having someone to call, it is sort of its own disadvantage. 

Database activity monitoring.

Its performance is good, most of the time.

The benefit is that it's made database monitoring more visible to the business, creating more conversations about how we should do it better. So it's increased the visibility and discussion.

It also helps us with GDPR and SOX compliance and just looking at specific policies around; protecting sensitive data. 

We haven't integrated it with other systems we use.

In terms of saving us time and money, I'm not sure if Guardium does. I know we spend more time and money to cover monitoring, this is something we didn't do before, so I think it's more about the capabilities it's given us.

The architecture and the robustness of the data it produces.

Regarding advanced features, I'm using enforcement in the policies. In the future I would like to do more classification. 

More cloud support. 

For the most part, it's pretty stable. We've had some issues recently that we're working through, on the agent software that runs on the databases.

The scalability is good.

I would say tech support is about a seven out of 10.

It can be complex. The documentation is in so many different locations, and a lot of times we have to leverage support and higher level resources to figure out the right steps to take.

Our most important criteria when selecting a vendor are stability and architecture.

I rate this solution a nine out of 10 because there are a few things I'm working through that I would like to see improved, mostly around the stability on the agent software side, working with the database vendors.

Regarding advice, I would recommend you use it and that you try to leverage IBM's support and services as much as possible to help get through the initial installation and configuration.