Our primary use case is for managing and monitoring the database in real time.
Excellent performance, with stable service in and out of country, and recognized scalability
Pros and Cons
- "The most valuable feature I have found is the performance of client monitoring. The other competitors are unable to do this."
- "I would like to see AI and machine learning added in the future."
What is our primary use case?
What is most valuable?
The most valuable feature I have found is the performance of client monitoring. The other competitors are unable to do this.
What needs improvement?
I would like to see AI and machine learning added in the future.
For how long have I used the solution?
I have been working with IBM Security Guardium Data Protection for two years.
Buyer's Guide
IBM Security Guardium Data Protection
November 2024
Learn what your peers think about IBM Security Guardium Data Protection. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
816,406 professionals have used our research since 2012.
What do I think about the stability of the solution?
We have found the stability is very good.
What do I think about the scalability of the solution?
All that is necessary for scaling IBM Security Guardium Data Protection is to purchase a license. We have a lot of customers since we are in the finance industry in Vietnam.
How are customer service and support?
We have excellent technical support in-country and out of the country.
How was the initial setup?
The initial setup is straightforward and takes a short time to install.
What's my experience with pricing, setup cost, and licensing?
The price is good for the quality of the solution.
What other advice do I have?
I would rate IBM Security Guardium Data Protection an eight out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
DBA Dept. Manager at a computer software company with 501-1,000 employees
Flexible, stable, and easy to use
Pros and Cons
- "The product has proven to be flexible"
- "The installation should be a bit easier."
What is our primary use case?
We will primarily use the solution for protecting our database. We're still implementing the product. It's not fully in place just yet.
What is most valuable?
The solution is easy to use.
We've found the solution to be very stable.
The product has proven to be flexible.
The system, overall, is quite reliable.
What needs improvement?
The installation should be a bit easier. It's pretty hard to implement right now.
The solution is very expensive. It's expected, as IBM is known to be pricey. It would be nice if they could make it cheaper.
As we are still in the process of implementing the product, it's hard to discuss the features and what might be missing, or could be added. We need more time with the solution to see how it works or what's missing.
For how long have I used the solution?
We've only been using the solution for a short time by now. We're in the middle of implementing it. It's likely only been a couple of weeks.
What do I think about the stability of the solution?
We have found the stability to be quite good. It doesn't crash or freeze. There are no bugs or glitches. Its performance has been very good so far.
What do I think about the scalability of the solution?
The solution is very scalable. If a company needs to expand it, it can do so easily.
Only the administrators really deal with the solution at this time. There are four of us.
We did pay for it, therefore we do plan to continue to use it for the foreseeable future.
How are customer service and technical support?
Our support is through a third-party service, and not directly through IBM itself.
It's been very good so far. They are helpful and responsive.
Which solution did I use previously and why did I switch?
We did not previously use another solution before choosing this IBM product.
How was the initial setup?
The installation is not straightforward at all. In fact, it is very, very complicated. We found the process to be quite difficult to handle. The hardest part is the tuning of the system, to make it work right.
What's my experience with pricing, setup cost, and licensing?
The product is expensive, which is what you tend to expect from IBM products. It's not cheap.
What other advice do I have?
We may be using version 11 of the product at this time.
We're still in the process of implementing the solution. It's still quite new to us.
Right now, I would rate the solution at a nine out of ten, however, I do need more time to really get to know it to evaluate it properly. I likely need another good six months or so with the solution before I can really rate it effectively.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
IBM Security Guardium Data Protection
November 2024
Learn what your peers think about IBM Security Guardium Data Protection. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
816,406 professionals have used our research since 2012.
AGM, Enterprise Solutions at Omgea Exim Ltd
Better integration options than competitors, with affordable licensing
Pros and Cons
- "IBM Guardium Data Protection has better integration options than most of the leading competitors on the market, and the price is always better."
- "Guardium Data Protection is far better in terms of external integration. But in terms of firewall features, like when you're blocking activities, it's as if Oracle AVDF simply has superior features. This is just from third-party observations, but the users of Oracle AVDF are saying that when it comes to the firewall and protection functionality, they're much more inclined to AVDF."
What is our primary use case?
Currently, my customer has 10 different types of databases for their various banking applications and they intend to deploy IBM Guardium Data Protection to secure their database activities. As soon as it is deployed, we're able to get some insights into what is going on with their databases, to help ensure the integrity of their data in the future.
Two banks are also working on two opportunities with IBM Guardium right now. I believe this is a compliance requirement; nowadays, everyone has to buy database protection. In that case, technically, Oracle will get the added advantage here, because most of the banks are already using Oracle database.
What is most valuable?
IBM Guardium Data Protection has better integration options than most of the leading competitors on the market, and the price is always better.
What needs improvement?
One thing I'm always thinking with regard to Guardium Data Protection is that, when compared to Oracle AVDF, Oracle's often got the upper hand when it comes to the standard features. So I believe that needs to be addressed by IBM.
Guardium Data Protection is far better in terms of external integration. But in terms of firewall features, like when you're blocking activities, it's as if Oracle AVDF simply has superior features. This is just from third-party observations, but the users of Oracle AVDF are saying that when it comes to the firewall and protection functionality, they're much more inclined to AVDF. Considering the competitive benefits that AVDF is providing compared to Data Protection, I can see that some improvement is required in terms of the firewall-related features.
Another observation I have is that industry resources are not available to handle this product, and I believe that deployment should be much easier than what we have right now. I'm thinking along the lines of some kind of wizard that makes it easier for users to get started right away. For example, to make it so they can do the deployment easier with drag and drop, etc.
It has to be more user-friendly so that anybody can deploy it, anybody can adopt it, and anybody can do the configuration. It has to be built in such a way that even if you are not a product expert, whether from IBM or otherwise, or that if you know only Word, then you can still configure it. So they have to offer that flexibility in the product.
They can hide the complexity by bringing in more GUI elements so that people can more easily get on board. And also they can introduce the knowledge base side by side so that whenever they are using the product, they can quickly check what exactly needs to be configured. You have Redbooks, and Redbooks can help but maybe they can include something extra. While users are installing maybe IBM can put in some guidance, "Okay, if you do this then you configure this and that."
At the same time, the market has lots of Oracle expertise here. But for IBM, there are no local resources available, and we are highly reliant on external resources. So, I would highly recommend that IBM initiates something like a certification campaign for the end user, as well as for the partner. As a partner, we are trying to do our level best, but I believe it would really benefit users for IBM to come up with some pre-certification campaigns like AWS and Azure do, especially in terms of how they promote their products through learning.
What I believe is that, in order to establish the product in the market, IBM has to invest in developing resources. IBM need to strategize in such a way that it's not just selling. IBM has to develop the resources within the industry, so that there's more word of mouth; people are now talking about AVDF, because they only know about AVDF.
For how long have I used the solution?
I have been working with IBM Guardium Data Protection since last year.
What do I think about the stability of the solution?
I can say that it's a stable product.
What do I think about the scalability of the solution?
Scalability is no problem.
How are customer service and technical support?
Support is where the problem is. Since IBM is not in this country, in terms of technical support and also skill sets in the market, there is not much help available to handle Guardium Data Protection. That's where I suggest that IBM should bring marketing people and do some campaigns, like certification campaigns, so that we can have some skilled experts who will develop resources within the industry to promote and support this product.
How was the initial setup?
Since it comes as an appliance, it's kind of plug and play. I can't be too precise, but it only takes around two hours to initialize the virtual appliance.
What's my experience with pricing, setup cost, and licensing?
For IBM Guardium, licensing is very simple and straightforward. There are no issues I can speak of.
Regarding the pricing, Guardium's price is always better compared to competitors like Oracle. It's not expensive compared to what the leading competitors are providing and on top of that, the integration options with IBM are also better for the price you pay.
What other advice do I have?
I can definitely recommend IBM Guardium and we are going to continue using and promoting it in the future.
I have been working with IBM for approximately 13 years and I've personally found that IBM products are very useful. However, the problem is that IBM's product stack isn't fully present in this country and there is a clear lack of industry resources, so customers remain unaware of their products and they are not adopting products even though this product is very good. Whenever we are talking about the idea of data protection we talk about IBM's solution, Guardium Data Protection.
The main problem is that customers often throw questions like, "What about deployment? What about the support? Are we going to get good support from the local team?" They're not bothered about portal support, they talk about the internal market industry resources. That's where we come in. So even though I am recommending IBM, I know some customers will also like Oracle AVDF.
I would rate IBM Guardium Data Protection an eight out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
Socio Director at RAMDIA
An easy-to-deploy solution with good price, compatibility, stability, and scalability
Pros and Cons
- "One of the most valuable features is the accelerator. It has a predefined report for PCI SOX compliance and other compliances."
- "The most important requirements for us are integration with new database solutions and the ability to manage things like Jailbreak or something like that. Its reduction feature can also be improved. It has a functionality called reduction, which is like masking data, but it is just a replacement of characters. Sometimes the customer needs more than this. It would be good if it was more advanced or complete. We also have a problem with this solution because the IBM aggregator isn't working very well. IBM has created big data intelligence for Guardium, and occasionally, customers need three or four months of data, but they can't run it from the collectors. It can have a better dashboard and more pre-defined use cases for those customers who don't have any idea about data protection or don't have expert personnel in this area. For example, they can include five use cases for banks and five use cases for retail."
What is our primary use case?
One of my customers is a company that manages telecommunications in Mexico. It is a very important company, and they use Guardium for compliance purposes. They use it to comply with PCI, for example.
We have on-premises and cloud deployments. We are currently deploying a customer's environment in Microsoft Azure with SQL Server.
How has it helped my organization?
One of our customers uses IBM Security Guardium to discover the production time and to know the transactions about their databases.
What is most valuable?
One of the most valuable features is the accelerator. It has a predefined report for PCI SOX compliance and other compliances.
What needs improvement?
The most important requirements for us are integration with new database solutions and the ability to manage things like Jailbreak or something like that.
Its reduction feature can also be improved. It has a functionality called reduction, which is like masking data, but it is just a replacement of characters. Sometimes the customer needs more than this. It would be good if it was more advanced or complete.
We also have a problem with this solution because the IBM aggregator isn't working very well. IBM has created big data intelligence for Guardium, and occasionally, customers need three or four months of data, but they can't run it from the collectors.
It can have a better dashboard and more pre-defined use cases for those customers who don't have any idea about data protection or don't have expert personnel in this area. For example, they can include five use cases for banks and five use cases for retail.
For how long have I used the solution?
I have been using this solution for eight or nine years. I have been using Guardium before it was bought by IBM.
What do I think about the stability of the solution?
Its stability is very good. It is quite available all the time.
What do I think about the scalability of the solution?
Its scalability is perfect. In Mexico, we did most of the implementations for medium and large customers. Our company implemented this solution for banks and telecommunication companies.
How are customer service and technical support?
IBM's technical support is good, but it can be improved. They can improve the response time for the tickets and the availability for the resolution of the tickets.
How was the initial setup?
It is not complex now. Prior to version 11, in general, the console and the environment were not good. They were bad, but they are good in version 11. The deployment duration varies, and complete integration in Windows can take three weeks to two months.
What's my experience with pricing, setup cost, and licensing?
Its cost is good. With the new metric of licensing, such as PDO not being available now, customers are expecting a good price for the solution.
Which other solutions did I evaluate?
Oracle Vault, Guardium, and Imperva are the three main solutions that clients consider. Easy deployment and good compatibility with all the solutions that customers have gives Guardium an advantage over other solutions.
What other advice do I have?
We would recommend this solution to others. It is a good solution at a good price, and your data is invaluable.
I would rate IBM Guardium Data Protection a nine out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Guardium Engineer
Helps make us more compliant with regulatory requirements but cost outweighs benefits
What is our primary use case?
We want to protect our data. That's the primary use case.
So far, performance has been okay.
How has it helped my organization?
We are able to identify who does what, when, and we are able to go back to them and say, "Is this an authorized activity? Is it not an authorized activity?" Why are they doing it? Is there an outlier? Go back and find out if that is normal, unusual? It has helped the overall perspective of making our operations more compliant with the regulatory requirements.
We use Guardium to support security initiatives and compliance policies in our organization. For example, we create reports that tell us how often is a password locked, how many exceptions we are getting, how many failed login items we are getting. We send those reports to the compliance and auditing folks. We do vulnerability assessments, detect vulnerabilities and send reports.
Currently we are not focused on GDPR because we are mainly a US-based company. I don't think I would say that Guardium has saved us time or money.
What is most valuable?
It does the monitoring of access very well, although we currently don't use any of the advanced features.
What needs improvement?
Get rid of the collectors. Stream the data directly from the agents to the Big Data link.
What do I think about the stability of the solution?
The solution is very stable, but it has its challenges.
How are customer service and technical support?
I would rate tech support about seven out of 10.
Which solution did I use previously and why did I switch?
This was a management decision. I think when they found Anthem was getting breached they decided, "Hey, let's try something else."
When selecting a vendor, the most important criteria for me are the
- reliability of the vendor
- name recognition
- support model
- cost, of course.
How was the initial setup?
If you know it, it's pretty straightforward. Otherwise, there is a little learning curve.
What's my experience with pricing, setup cost, and licensing?
The biggest challenge is the cost associated with the product, and the cost of maintaining. Everything is not translated directly to the benefits we see. There are benefits, yes, but if I were writing the check, would I buy Guardium? No.
Which other solutions did I evaluate?
It's pretty good. We have the latest version, so we are able to scale.
What other advice do I have?
I would rate this solution six out of 10. The benefit to the cost is not justified, in my opinion.
I would say Guardium is a good product. It's a very good product, but you want to weigh how much you want to implement. Do you want to focus on only certain applications? Certain databases? Don't do it across the enterprise. So think about that.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Information Security Engineer at a financial services firm with 10,001+ employees
With the GIM, you can remotely enable/disable, install and upgrade the S-TAP agent. DB user profiling should be part of the auditing systems.
What is most valuable?
For us, the most valuable features are the auditing capabilities and the Guardium inspection engine. The GIM (Guardium Installation Manager) makes it easy to manage the S-TAP agent. You can enable/disable, install and upgrade remotely with no need for the system administrator.
What needs improvement?
DB user profiling is something that should be part of Guardium auditing systems.
Also, reporting is not user friendly as compared to other tools. Moreover, for each report, you have to create an audit policy to create the report. It should be policy-based.
For how long have I used the solution?
We have been using Guardium for 2 years.
What do I think about the stability of the solution?
We did experiences a few system crashes.
How is customer service and technical support?
Technical support is very good.
How was the initial setup?
The initial setup was complex.
Which other solutions did I evaluate?
We also looked at McAfee and Fortinet.
What other advice do I have?
I would consider IBM brand value.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
VP - Enterprise Security & Cloud Business at a tech vendor with 1,001-5,000 employees
Textured and reliable with secure data privacy provisions
Pros and Cons
- "Ease of deployment is a valuable feature."
- "Flexibility could be improved."
What is our primary use case?
We deal with a range of customers and lately the issue of data privacy and user identity has become very important and many companies are now seriously evaluating tools like Guardium. Companies want to know who is accessing database applications and what they are doing. This product is geared towards medium and large size enterprise companies. We're partners of IBM and I'm a company Vice President.
What is most valuable?
The ease of deployment is a key feature of this solution.
What needs improvement?
With these solutions, flexibility is always an issue and that applies to Oracle and other similar products. Integreon, which is much smaller in size, is likely to be more flexible than IBM.
There is a big concern here in India about deploying on cloud so the one thing I would like to see in the next release is a fast option from IBM that is hosted from their India cloud data center.
For how long have I used the solution?
I've been using this solution for a few months.
What do I think about the stability of the solution?
I think this is a stable solution.
What do I think about the scalability of the solution?
It's easy to scale this solution.
How are customer service and technical support?
Technical support is good.
How was the initial setup?
The initial setup is a little complex and requires some effort. It generally involves some customization and configuring and will require good online support. If you have a fair idea of the customer environment I don't think it takes a long time. There is very little, if any, maintenance required if the solution has been configured properly.
What other advice do I have?
This is one of the core applications for customers and is not something like an endpoint security or perimeter security. It's a specialized use case. This is a textured product and the brand equity of IBM means it's reliable. I have long-term relationships with my clients and wouldn't like to deploy something that gives me problems. This is a good product.
I would rate this solution an eight out of 10.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Database Administrator at a healthcare company with 10,001+ employees
It tests security to support SOX compliance
Pros and Cons
- "It supports our audit compliance."
- "It tests security to support SOX compliance."
- "I would like them to support cloud services."
- "Sometimes the performance is not good, and also sometimes we have sudden bugs causing difficulties."
What is our primary use case?
It tests security to support SOX compliance.
How has it helped my organization?
It supports our audit compliance. We use IBM Guardium to support security initiatives and compliance policies within our organization. We have a lot of self controls which require the database to be monitored, especially for the privileged user.
What is most valuable?
- Its band monitoring. We just started to use it.
- The mobility assessment
What needs improvement?
I would like them to support cloud services.
What do I think about the stability of the solution?
It is pretty good, though we have had some issues. Sometimes the performance is not good, and also sometimes we have sudden bugs causing difficulties. Therefore, it is hard for IBM to fix.
What do I think about the scalability of the solution?
Scalability is good.
How is customer service and technical support?
My experience with technical support depends. Sometimes, with Level 1, it is not good. However, when the case goes to Level 2, the support is pretty good.
How was the initial setup?
The initial setup was pretty straightforward.
What was our ROI?
Senior management is aware that Guardium has saved the organization time and money
Which other solutions did I evaluate?
We just talked to IBM. If we have a problem, maybe they can offer us something new, new features, etc.
What other advice do I have?
IBM Guardium is good.
Most important criteria when selecting a vendor: reliability.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Download our free IBM Security Guardium Data Protection Report and get advice and tips from experienced pros
sharing their opinions.
Updated: November 2024
Product Categories
Database SecurityPopular Comparisons
Imperva SecureSphere Database Security
Oracle Audit Vault
Protegrity’s Data Protection Platform
DataSunrise Database Security
Trustwave DbProtect
IDERA SQL Compliance Manager
IDERA SQL Secure
Oracle Database Vault
Buyer's Guide
Download our free IBM Security Guardium Data Protection Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- IBM Guardium vs Imperva SecureSphere Database Security
- IBM Guardium Data Protection vs. Vormetric Application Crypto Suite for a tech services company
- How does IBM Guardium Data Protection compare with Imperva SecureSphere Database Security?
- What are the differences between IBM Guardium and Imperva?
- When evaluating Database Security, what aspect do you think is the most important to look for?
- IBM Guardium vs Imperva SecureSphere Database Security
- What is the difference between "data protection in transit" vs "data protection at rest"?
- Audit Vault vs. InfoSphere Guardium?
- Database security tools comparison report?
- Why is Database Security important for companies?