IBM Security Guardium Data Protection Reviews

We are resellers of IBM. Most of the use cases of IBM Guardium are to monitor the database activity. The first is to identify any abnormal activities like trying to access the database or trying to create or delete any scheme on the tables. 

The purpose of EBM Guardium is to monitor database activity and who is accessing it. This is the most valuable feature.

We have privileged users, like the DBAs, who are most often the ones accessing the database. We also have web services and application services that talk to the database. With IBM Guardium Data Protection we can see who the previous users were and what web or server actually connected to the data business. 

Secondly, any changes done by the DBAs are recorded so we know that the DB has changed in the data structure, scheme, or creation of a table or drop of a table. 

IBM Guardium Data Protection is a mature product. There is a lot of encryption that is not owned by IBM and is done by a third party and is not an integral part of the solution.

This solution is stable, I don't believe there is another product that is more stable.

The solution is part of IP so you can scale it.

IBM Guardium Data Protection has one of the best supports out there.

The initial setup of IBM Guardium is straightforward. The deployment depends on the organization and types of servers. The only delay is when there are critical data servers that require a planned approach. 

You can deploy the solution by pushing it through a central aggregator or a collector.

We engage a consult to deploy the solution because it is not only installing the solution but also doing a report. 

The installation requires the involvement of a DBA, but it depends on the number of databases.

The licensing is much easier now. It's for IP, it is not part It's not part number of databases of schema, it's for the IP so it's much simpler now.

If you are considering IBM Guardian Data Protection you should be aware of your environment. For example, if you are in the banking sector you need to plan very well so it can be scaled accordingly.

It is important to hire a consultant when installing this solution. They can provide an analysis of what exactly needs to be done. Keep in mind that this is a data access management database, it's not only about data but also about files. 

I rate this solution a 9 out of 10.

Database activity monitoring.

Its performance is good, most of the time.

The benefit is that it's made database monitoring more visible to the business, creating more conversations about how we should do it better. So it's increased the visibility and discussion.

It also helps us with GDPR and SOX compliance and just looking at specific policies around; protecting sensitive data. 

We haven't integrated it with other systems we use.

In terms of saving us time and money, I'm not sure if Guardium does. I know we spend more time and money to cover monitoring, this is something we didn't do before, so I think it's more about the capabilities it's given us.

The architecture and the robustness of the data it produces.

Regarding advanced features, I'm using enforcement in the policies. In the future I would like to do more classification. 

More cloud support. 

For the most part, it's pretty stable. We've had some issues recently that we're working through, on the agent software that runs on the databases.

The scalability is good.

I would say tech support is about a seven out of 10.

It can be complex. The documentation is in so many different locations, and a lot of times we have to leverage support and higher level resources to figure out the right steps to take.

Our most important criteria when selecting a vendor are stability and architecture.

I rate this solution a nine out of 10 because there are a few things I'm working through that I would like to see improved, mostly around the stability on the agent software side, working with the database vendors.

Regarding advice, I would recommend you use it and that you try to leverage IBM's support and services as much as possible to help get through the initial installation and configuration.

For the mainframe, monitoring DB2 privileged access to our databases.

It has performed really well so far for the purpose, but we're not using the full capacity of it. There's also an open systems side that they're implementing now, that I'm not part of, but there's a lot more growth in that area.

It's more secure. The big issue is satisfying audit requirements, that is really big in our company right now.

We also use Guardium to support security initiatives and compliance policies within our organization. For what we do, we need to know who exactly is using our privileged IDs, because that's a security risk, if someone who is not authorized does that.

I don't know if Guardium has helped us comply with industry regulations like SOX, PCI, or GDPR. We also have not integrated it into other systems.

In the past we were doing a lot of manual checking, running our own reports, going through SMF data, but now Guardium does that reporting for us. That saves us time and money. Senior management is aware of the savings. They're the ones that really pushed for it.

Satisfies audit requests, to give us an idea if anybody is accessing our privileged user IDs without our knowledge.

We don't use any of the advanced features.

Regarding other features we would like to implement, I don't deal with the actual setup of the product. We have a specialist for Guardium to do that for us. We tell him our requirements and he builds the policies. So far it's very limited on our side, but I imagine on the open systems, side there would be a lot more complex policies.

Right now we're having some issues where it's using a high CPU, we don't know why. So, better testing before the product is ready would help.

So far, so good. We've been using it for about two or three years right now, and we have had no issues. Once it was set up properly, it has run as it should.

It appears to be very scalable, especially on the mainframe. On the open systems side there are a lot more servers out there, mainframe is more centralized. On the mainframe it's very scalable. We're only using one percent of it right now, what we're monitoring. But we feel that with the power of the mainframe, that can go up as much as we need.

We use tech support. If we have a problem, we open up a PMR with IBM on the mainframe side, and we also have someone that does the implementation of it on the server side. He works closely with IBM. Our experience with tech support is really good. They're responsive, and we get to the right person.

Our previous solution was manual.

Our most important criteria when selecting a vendor are reliability, the reputation, and the product itself has to deliver in an efficient manner. Our company is heavily involved with IBM products, so adding another product or taking a product away is not very hard.

We were somewhat new to it. When it first came out we had it brought in for testing. In the initial stage, the documentation was not very good on the mainframe side. But once we installed it... it was very easy to install in the mainframe side. On the open systems side, and the person supporting it, he has to be more skilled and more knowledgeable of the product, so I can't speak for him.

We did not actually PoC anybody else.

I give it a nine out of 10. It's not perfect: Issues like using a high CPU and, in the beginning, it was a little unclear on how to install it. This is only on the mainframe side.

In terms of advice, do a good PoC on it, because I believe it's a very expensive solution. And it has to satisfy the auditors, for sure. If it doesn't satisfy the auditors it won't go anywhere.

We acquired Guardium to encrypt certain databases to meet a customer requirement.

It has been performing to spec.

We use Guardium to support security initiatives and compliance policies within our organization. The encryption meets a requirement. It was a requirement of a customer. I don't think it is a compliance requirement, but it did come through as a request from a prospective client, so we implemented it.

I don't know if this solution has helped us to comply with Industry regulations like SOX, UCI or GDPR. We have not integrated it with other systems we use. I would not say it has saved us time or money.

I understand that it's one of the first to encrypt DB2 databases.

I'm not able to answer whether we're using any of the advanced features.

This would be a question for one of the technical folks, probably not for me.

It was difficult implementing it, configuring it, getting it up and running and in production. However, since then, I believe it has stabilized.

We haven't really tested the scalability with it as yet, we're really only encrypting a very small percentage of our data.

Technical support is interesting because, when we implemented Guardium, it was a partnership of IBM with the company that, I think, Guardium either partnered with or acquired since then. So, even though support was funneled through IBM, it was actually performed by the third-party software company, and it was difficult and challenging at times. There was a layer of interpretation between IBM and Rocket Software, and sometimes that was helpful and other times not so much.

In terms of advice, I would say allow the technology to mature a little more. I think we were one of the first, if not the first, to implement Guardium. And, like I said before, it was kind of painful, but let the maturation process run it's course. I'd say learn from other people's mistakes or, not so much mistakes, just experiences. Benefit from other peoples' pain, bumps, and bruises.

I rate it seven out of 10 only because it's a unique, niche offering that is not, that I know of, offered elsewhere in the marketplace. It fills a need, which is good. I don't know how prevalent the need is in the marketplace but it's nice to have an offering there that, when needed, you can implement something.

The primary use case for most of our customers is for monitoring and compliance. It's mostly deployed on-premises and it's a database activity monitoring solution. 

The most valuable features have been how easy it is to deploy and use, as well as the comprehensive monitoring options. These are a few things that customers like most about this product. 

The analysis part of this product could be improved. It's a very comprehensive product, so the features it has complement customer requirements. But I would like to see more emphasis on analytics, and it would be great if they added machine learning. They already have analysis insights, but a comprehensive analytical feature that's already incorporated into the solution would be very helpful. 

I have been working with IBM Guardium for the past 10 years. 

This solution is stable and reliable. 

This solution is scalable. That's one of the missions of this product—it can scale. 

I think technical support is generally helpful, but it depends on the situation and the complexity of the problem. Most of the time, we resolve customers' issues ourselves, but technical support is helpful whenever I do require their help. 

Most of the time, the deployment process is straightforward. There is a specific process which isn't too complicated or difficult. The amount of maintenance that will be required depends on the deployment. When we set up the solution, we usually try to optimize it so that it requires little maintenance. 

My company provides implementation services to customers. 

Guardium is most suitable for large scale enterprises because the pricing model is better if you are implementing a large number of databases. It may be suited to medium enterprises, but to a lesser extent. It depends on customer requirements, but it's best suited to large companies because of affordability. 

I have experience with Oracle Audit Vault and Imperva SecureSphere Database Security, which are the two main competitors. If you compare Guardium with Audit Vault, the main differences are in the deployment model, how they work, and the focus of each product with regard to monitoring. Audit Vault has a different deployment method. Imperva is more similar to Guardium. 

If you are looking to implement Guardium, you first need to understand your requirements. The objective of these database and security monitoring solutions is for compliance and auditing. You want a solution that will monitor everything, but the main objective is to monitor the right areas or the key parts of the area that should be monitored. This is the one thing customers should consider before choosing any database or similar solution. 

We have good relationships with our customers, so whenever they're looking for a solution, we try to partner with them and align them with a product that will meet their needs. Usually when we go with this product, we go with SQL first, then go for integration deployment. Our recommendations are based on customer requirements. Even if it's a good product, it may not be a good fit for the customer. 

I would rate this product an eight out of ten, just because there's always room for improvement. 

Currently, my customer has 10 different types of databases for their various banking applications and they intend to deploy IBM Guardium Data Protection to secure their database activities. As soon as it is deployed, we're able to get some insights into what is going on with their databases, to help ensure the integrity of their data in the future.

Two banks are also working on two opportunities with IBM Guardium right now. I believe this is a compliance requirement; nowadays, everyone has to buy database protection. In that case, technically, Oracle will get the added advantage here, because most of the banks are already using Oracle database.

IBM Guardium Data Protection has better integration options than most of the leading competitors on the market, and the price is always better. 

One thing I'm always thinking with regard to Guardium Data Protection is that, when compared to Oracle AVDF, Oracle's often got the upper hand when it comes to the standard features. So I believe that needs to be addressed by IBM. 

Guardium Data Protection is far better in terms of external integration. But in terms of firewall features, like when you're blocking activities, it's as if Oracle AVDF simply has superior features. This is just from third-party observations, but the users of Oracle AVDF are saying that when it comes to the firewall and protection functionality, they're much more inclined to AVDF. Considering the competitive benefits that AVDF is providing compared to Data Protection, I can see that some improvement is required in terms of the firewall-related features.

Another observation I have is that industry resources are not available to handle this product, and I believe that deployment should be much easier than what we have right now. I'm thinking along the lines of some kind of wizard that makes it easier for users to get started right away. For example, to make it so they can do the deployment easier with drag and drop, etc.

It has to be more user-friendly so that anybody can deploy it, anybody can adopt it, and anybody can do the configuration. It has to be built in such a way that even if you are not a product expert, whether from IBM or otherwise, or that if you know only Word, then you can still configure it. So they have to offer that flexibility in the product.

They can hide the complexity by bringing in more GUI elements so that people can more easily get on board. And also they can introduce the knowledge base side by side so that whenever they are using the product, they can quickly check what exactly needs to be configured. You have Redbooks, and Redbooks can help but maybe they can include something extra. While users are installing maybe IBM can put in some guidance, "Okay, if you do this then you configure this and that."

At the same time, the market has lots of Oracle expertise here. But for IBM, there are no local resources available, and we are highly reliant on external resources. So, I would highly recommend that IBM initiates something like a certification campaign for the end user, as well as for the partner. As a partner, we are trying to do our level best, but I believe it would really benefit users for IBM to come up with some pre-certification campaigns like AWS and Azure do, especially in terms of how they promote their products through learning.

What I believe is that, in order to establish the product in the market, IBM has to invest in developing resources. IBM need to strategize in such a way that it's not just selling. IBM has to develop the resources within the industry, so that there's more word of mouth; people are now talking about AVDF, because they only know about AVDF.

I have been working with IBM Guardium Data Protection since last year. 

I can say that it's a stable product. 

Scalability is no problem. 

Support is where the problem is. Since IBM is not in this country, in terms of technical support and also skill sets in the market, there is not much help available to handle Guardium Data Protection. That's where I suggest that IBM should bring marketing people and do some campaigns, like certification campaigns, so that we can have some skilled experts who will develop resources within the industry to promote and support this product.

Since it comes as an appliance, it's kind of plug and play. I can't be too precise, but it only takes around two hours to initialize the virtual appliance.

For IBM Guardium, licensing is very simple and straightforward. There are no issues I can speak of.

Regarding the pricing, Guardium's price is always better compared to competitors like Oracle. It's not expensive compared to what the leading competitors are providing and on top of that, the integration options with IBM are also better for the price you pay.

I can definitely recommend IBM Guardium and we are going to continue using and promoting it in the future.

I have been working with IBM for approximately 13 years and I've personally found that IBM products are very useful. However, the problem is that IBM's product stack isn't fully present in this country and there is a clear lack of industry resources, so customers remain unaware of their products and they are not adopting products even though this product is very good. Whenever we are talking about the idea of data protection we talk about IBM's solution, Guardium Data Protection.

The main problem is that customers often throw questions like, "What about deployment? What about the support? Are we going to get good support from the local team?" They're not bothered about portal support, they talk about the internal market industry resources. That's where we come in. So even though I am recommending IBM, I know some customers will also like Oracle AVDF.

I would rate IBM Guardium Data Protection an eight out of ten.

It's being used to identify who is using what data, what resources, what they're using them for, providing audit trails. We also use it to set baselines for usage patterns, to start building cases if there are any erroneous accesses happening, and to start allowing more intuitive alerts.

So far it's installed. It was a little rocky at the beginning but everything is working pretty well now. I think the baselines have been established and so far it's performing as expected.

Now that they have the base, they are going to start creating other use cases. I'm not sure what they are, but they are going to start expanding the usage and provide more education to the security staff.

It's another layer to help us identify, especially from audit perspectives. It's allowing us to be more proactive than reactive on alerts and access rights and types of resources that are being hit. Before, there were a lot of different solutions, but this expanded that out and made it a more holistic solution.

It provides centralization of monitoring, instead of multiple, disparate applications. It definitely allows more economies of scale, streamlining, less fragmented use.

We also use IBM Guardium to support security initiatives and compliance policies. For example, our audit area can verify if someone has access to information that they shouldn't have, for their regular job functions. For instance, a customer service rep is looking at his ex-wife's records. We can now see all those accesses and we can verify, and if it's true and it wasn't part of their job duties, they can actually be terminated - and a lot of that has happened since.

In terms of whether it has helped us comply with industry regulations like SOX, PCI, or GDPR, with workflow, reports, and accelerators, I know we're working on becoming high-trust certified, but I'm not part of that process any more. I would have to guess, though, that it has helped, as another tool in the tool box.

I also think we integrated it with our SIEM tool, and I don't think there were any issues.

I think the solution will save us time and money. We're still in that "ROI phase" where we're building towards that. I'd give us probably another year to year and a half until we achieve that all back. But every time an inquiry comes in, instead of it taking tens of hours, now it's taking minutes.

Senior management is definitely aware of the improvements.

I'm not aware of our using any of the existing advanced features. I was only in on  the initial implementation, so if they have added new things since then, I'm not aware of it.

If I used it every day I'd probably be able to give you a really good answer. But I don't.

I haven't heard of any issues. I think it's been pretty stable, once they got over the initial bumps. The bumps were just our staff knowing how much information needed to be monitored, and at what level. I think they were fluctuating between levels of granularity as well.

We started out with as much as we could from the beginning. I don't think there have been any issues. It's our internal skill set and maturity with the tool that have been growing. I think it has TAPs in every piece of our data in our datacenter, so it's already been able to scale to what we need.

I personally haven't used tech support, but I know that during implementation, when they were reaching out, IBM was always really responsive.

We have a really good relationship with IBM, regarding PMRs being taken care of. We actually have monthly meetings with the sales and technical support staff to make sure everything is being addressed, and they do a good job.

We knew there was a gap that needed to be filled, I believe, when they engaged IBM. We had some pretty specific, and general, requirements around auditing and security. I don't recall who else they looked at in that space, but IBM seemed to fulfill every requirement we had on our list. And some issues we didn't even know about, because of our level of maturity; you don't know what you don't know, until you find out, "Oh, we can do that?"

A lot of it was just knowing where to put all the S-TAPs. There was a lack of skill set on our implementation team, so IBM had a partner come in and help. There was that gap of knowledge that had to be crossed, and once the skill set was built it performed a lot cleaner.

I don't know. They went through the RFP process and selected the tool, and then I got involved, and then I hopped back out.

If it's the vendor or a third-party telling you how things should be set up out of the gate, go with that and don't argue with them. That saves a lot of time.

I would rate it a nine out of 10. It has done a really good job for us.

We will primarily use the solution for protecting our database. We're still implementing the product. It's not fully in place just yet.

The solution is easy to use.

We've found the solution to be very stable.

The product has proven to be flexible.

The system, overall, is quite reliable.

The installation should be a bit easier. It's pretty hard to implement right now.

The solution is very expensive. It's expected, as IBM is known to be pricey. It would be nice if they could make it cheaper.

As we are still in the process of implementing the product, it's hard to discuss the features and what might be missing, or could be added. We need more time with the solution to see how it works or what's missing.

We've only been using the solution for a short time by now. We're in the middle of implementing it. It's likely only been a couple of weeks.

We have found the stability to be quite good. It doesn't crash or freeze. There are no bugs or glitches. Its performance has been very good so far.

The solution is very scalable. If a company needs to expand it, it can do so easily.

Only the administrators really deal with the solution at this time. There are four of us.

We did pay for it, therefore we do plan to continue to use it for the foreseeable future.

Our support is through a third-party service, and not directly through IBM itself.

It's been very good so far. They are helpful and responsive.

We did not previously use another solution before choosing this IBM product.

The installation is not straightforward at all. In fact, it is very, very complicated. We found the process to be quite difficult to handle. The hardest part is the tuning of the system, to make it work right.

The product is expensive, which is what you tend to expect from IBM products. It's not cheap.

We may be using version 11 of the product at this time.

We're still in the process of implementing the solution. It's still quite new to us.

Right now, I would rate the solution at a nine out of ten, however, I do need more time to really get to know it to evaluate it properly. I likely need another good six months or so with the solution before I can really rate it effectively.