IBM Security Guardium Data Protection Reviews

Our primary use case is for managing and monitoring the database in real time.

The most valuable feature I have found is the performance of client monitoring. The other competitors are unable to do this.

I would like to see AI and machine learning added in the future.

I have been working with IBM Security Guardium Data Protection for two years. 

We have found the stability is very good.

All that is necessary for scaling IBM Security Guardium Data Protection is to purchase a license. We have a lot of customers since we are in the finance industry in Vietnam.

We have excellent technical support in-country and out of the country.

The initial setup is straightforward and takes a short time to install.

The price is good for the quality of the solution.

I would rate IBM Security Guardium Data Protection an eight out of ten.

We will primarily use the solution for protecting our database. We're still implementing the product. It's not fully in place just yet.

The solution is easy to use.

We've found the solution to be very stable.

The product has proven to be flexible.

The system, overall, is quite reliable.

The installation should be a bit easier. It's pretty hard to implement right now.

The solution is very expensive. It's expected, as IBM is known to be pricey. It would be nice if they could make it cheaper.

As we are still in the process of implementing the product, it's hard to discuss the features and what might be missing, or could be added. We need more time with the solution to see how it works or what's missing.

We've only been using the solution for a short time by now. We're in the middle of implementing it. It's likely only been a couple of weeks.

We have found the stability to be quite good. It doesn't crash or freeze. There are no bugs or glitches. Its performance has been very good so far.

The solution is very scalable. If a company needs to expand it, it can do so easily.

Only the administrators really deal with the solution at this time. There are four of us.

We did pay for it, therefore we do plan to continue to use it for the foreseeable future.

Our support is through a third-party service, and not directly through IBM itself.

It's been very good so far. They are helpful and responsive.

We did not previously use another solution before choosing this IBM product.

The installation is not straightforward at all. In fact, it is very, very complicated. We found the process to be quite difficult to handle. The hardest part is the tuning of the system, to make it work right.

The product is expensive, which is what you tend to expect from IBM products. It's not cheap.

We may be using version 11 of the product at this time.

We're still in the process of implementing the solution. It's still quite new to us.

Right now, I would rate the solution at a nine out of ten, however, I do need more time to really get to know it to evaluate it properly. I likely need another good six months or so with the solution before I can really rate it effectively.

Currently, my customer has 10 different types of databases for their various banking applications and they intend to deploy IBM Guardium Data Protection to secure their database activities. As soon as it is deployed, we're able to get some insights into what is going on with their databases, to help ensure the integrity of their data in the future.

Two banks are also working on two opportunities with IBM Guardium right now. I believe this is a compliance requirement; nowadays, everyone has to buy database protection. In that case, technically, Oracle will get the added advantage here, because most of the banks are already using Oracle database.

IBM Guardium Data Protection has better integration options than most of the leading competitors on the market, and the price is always better. 

One thing I'm always thinking with regard to Guardium Data Protection is that, when compared to Oracle AVDF, Oracle's often got the upper hand when it comes to the standard features. So I believe that needs to be addressed by IBM. 

Guardium Data Protection is far better in terms of external integration. But in terms of firewall features, like when you're blocking activities, it's as if Oracle AVDF simply has superior features. This is just from third-party observations, but the users of Oracle AVDF are saying that when it comes to the firewall and protection functionality, they're much more inclined to AVDF. Considering the competitive benefits that AVDF is providing compared to Data Protection, I can see that some improvement is required in terms of the firewall-related features.

Another observation I have is that industry resources are not available to handle this product, and I believe that deployment should be much easier than what we have right now. I'm thinking along the lines of some kind of wizard that makes it easier for users to get started right away. For example, to make it so they can do the deployment easier with drag and drop, etc.

It has to be more user-friendly so that anybody can deploy it, anybody can adopt it, and anybody can do the configuration. It has to be built in such a way that even if you are not a product expert, whether from IBM or otherwise, or that if you know only Word, then you can still configure it. So they have to offer that flexibility in the product.

They can hide the complexity by bringing in more GUI elements so that people can more easily get on board. And also they can introduce the knowledge base side by side so that whenever they are using the product, they can quickly check what exactly needs to be configured. You have Redbooks, and Redbooks can help but maybe they can include something extra. While users are installing maybe IBM can put in some guidance, "Okay, if you do this then you configure this and that."

At the same time, the market has lots of Oracle expertise here. But for IBM, there are no local resources available, and we are highly reliant on external resources. So, I would highly recommend that IBM initiates something like a certification campaign for the end user, as well as for the partner. As a partner, we are trying to do our level best, but I believe it would really benefit users for IBM to come up with some pre-certification campaigns like AWS and Azure do, especially in terms of how they promote their products through learning.

What I believe is that, in order to establish the product in the market, IBM has to invest in developing resources. IBM need to strategize in such a way that it's not just selling. IBM has to develop the resources within the industry, so that there's more word of mouth; people are now talking about AVDF, because they only know about AVDF.

I have been working with IBM Guardium Data Protection since last year. 

I can say that it's a stable product. 

Scalability is no problem. 

Support is where the problem is. Since IBM is not in this country, in terms of technical support and also skill sets in the market, there is not much help available to handle Guardium Data Protection. That's where I suggest that IBM should bring marketing people and do some campaigns, like certification campaigns, so that we can have some skilled experts who will develop resources within the industry to promote and support this product.

Since it comes as an appliance, it's kind of plug and play. I can't be too precise, but it only takes around two hours to initialize the virtual appliance.

For IBM Guardium, licensing is very simple and straightforward. There are no issues I can speak of.

Regarding the pricing, Guardium's price is always better compared to competitors like Oracle. It's not expensive compared to what the leading competitors are providing and on top of that, the integration options with IBM are also better for the price you pay.

I can definitely recommend IBM Guardium and we are going to continue using and promoting it in the future.

I have been working with IBM for approximately 13 years and I've personally found that IBM products are very useful. However, the problem is that IBM's product stack isn't fully present in this country and there is a clear lack of industry resources, so customers remain unaware of their products and they are not adopting products even though this product is very good. Whenever we are talking about the idea of data protection we talk about IBM's solution, Guardium Data Protection.

The main problem is that customers often throw questions like, "What about deployment? What about the support? Are we going to get good support from the local team?" They're not bothered about portal support, they talk about the internal market industry resources. That's where we come in. So even though I am recommending IBM, I know some customers will also like Oracle AVDF.

I would rate IBM Guardium Data Protection an eight out of ten.

One of my customers is a company that manages telecommunications in Mexico. It is a very important company, and they use Guardium for compliance purposes. They use it to comply with PCI, for example.

We have on-premises and cloud deployments. We are currently deploying a customer's environment in Microsoft Azure with SQL Server.

One of our customers uses IBM Security Guardium to discover the production time and to know the transactions about their databases.

One of the most valuable features is the accelerator. It has a predefined report for PCI SOX compliance and other compliances.

The most important requirements for us are integration with new database solutions and the ability to manage things like Jailbreak or something like that.

Its reduction feature can also be improved. It has a functionality called reduction, which is like masking data, but it is just a replacement of characters. Sometimes the customer needs more than this. It would be good if it was more advanced or complete.

We also have a problem with this solution because the IBM aggregator isn't working very well. IBM has created big data intelligence for Guardium, and occasionally, customers need three or four months of data, but they can't run it from the collectors.

It can have a better dashboard and more pre-defined use cases for those customers who don't have any idea about data protection or don't have expert personnel in this area. For example, they can include five use cases for banks and five use cases for retail.

I have been using this solution for eight or nine years. I have been using Guardium before it was bought by IBM.

Its stability is very good. It is quite available all the time.

Its scalability is perfect. In Mexico, we did most of the implementations for medium and large customers. Our company implemented this solution for banks and telecommunication companies.

IBM's technical support is good, but it can be improved. They can improve the response time for the tickets and the availability for the resolution of the tickets.

It is not complex now. Prior to version 11, in general, the console and the environment were not good. They were bad, but they are good in version 11. The deployment duration varies, and complete integration in Windows can take three weeks to two months.

Its cost is good. With the new metric of licensing, such as PDO not being available now, customers are expecting a good price for the solution.

Oracle Vault, Guardium, and Imperva are the three main solutions that clients consider. Easy deployment and good compatibility with all the solutions that customers have gives Guardium an advantage over other solutions.

We would recommend this solution to others. It is a good solution at a good price, and your data is invaluable.

I would rate IBM Guardium Data Protection a nine out of ten.

We want to protect our data. That's the primary use case.

So far, performance has been okay.

We are able to identify who does what, when, and we are able to go back to them and say, "Is this an authorized activity? Is it not an authorized activity?" Why are they doing it? Is there an outlier? Go back and find out if that is normal, unusual? It has helped the overall perspective of making our operations more compliant with the regulatory requirements.

We use Guardium to support security initiatives and compliance policies in our organization. For example, we create reports that tell us how often is a password locked, how many exceptions we are getting, how many failed login items we are getting. We send those reports to the compliance and auditing folks. We do vulnerability assessments, detect vulnerabilities and send reports.

Currently we are not focused on GDPR because we are mainly a US-based company. I don't think I would say that Guardium has saved us time or money.

It does the monitoring of access very well, although we currently don't use any of the advanced features.

Get rid of the collectors. Stream the data directly from the agents to the Big Data link.

The solution is very stable, but it has its challenges. 

I would rate tech support about seven out of 10.

This was a management decision. I think when they found Anthem was getting breached they decided, "Hey, let's try something else."

When selecting a vendor, the most important criteria for me are the

• reliability of the vendor
• name recognition
• support model
• cost, of course.

If you know it, it's pretty straightforward. Otherwise, there is a little learning curve.

The biggest challenge is the cost associated with the product, and the cost of maintaining. Everything is not translated directly to the benefits we see. There are benefits, yes, but if I were writing the check, would I buy Guardium? No.

It's pretty good. We have the latest version, so we are able to scale.

I would rate this solution six out of 10. The benefit to the cost is not justified, in my opinion.

I would say Guardium is a good product. It's a very good product, but you want to weigh how much you want to implement. Do you want to focus on only certain applications? Certain databases? Don't do it across the enterprise. So think about that.

For us, the most valuable features are the auditing capabilities and the Guardium inspection engine. The GIM (Guardium Installation Manager) makes it easy to manage the S-TAP agent. You can enable/disable, install and upgrade remotely with no need for the system administrator.

DB user profiling is something that should be part of Guardium auditing systems.

Also, reporting is not user friendly as compared to other tools. Moreover, for each report, you have to create an audit policy to create the report. It should be policy-based.

We have been using Guardium for 2 years.

We did experiences a few system crashes.

Technical support is very good.

The initial setup was complex.

We also looked at McAfee and Fortinet.

I would consider IBM brand value.

We deal with a range of customers and lately the issue of data privacy and user identity has become very important and many companies are now seriously evaluating tools like Guardium. Companies want to know who is accessing database applications and what they are doing. This product is geared towards medium and large size enterprise companies. We're partners of IBM and I'm a company Vice President. 

The ease of deployment is a key feature of this solution. 

With these solutions, flexibility is always an issue and that applies to Oracle and other similar products. Integreon, which is much smaller in size, is likely to be more flexible than IBM. 

There is a big concern here in India about deploying on cloud so the one thing I would like to see in the next release is a fast option from IBM that is hosted from their India cloud data center.

I've been using this solution for a few months. 

I think this is a stable solution. 

It's easy to scale this solution. 

Technical support is good. 

The initial setup is a little complex and requires some effort. It generally involves some customization and configuring and will require good online support. If you have a fair idea of the customer environment I don't think it takes a long time. There is very little, if any, maintenance required if the solution has been configured properly.

This is one of the core applications for customers and is not something like an endpoint security or perimeter security. It's a specialized use case. This is a textured product and the brand equity of IBM means it's reliable. I have long-term relationships with my clients and wouldn't like to deploy something that gives me problems. This is a good product. 

I would rate this solution an eight out of 10. 

It tests security to support SOX compliance.

It supports our audit compliance. We use IBM Guardium to support security initiatives and compliance policies within our organization. We have a lot of self controls which require the database to be monitored, especially for the privileged user.

• Its band monitoring. We just started to use it.
• The mobility assessment

I would like them to support cloud services.

It is pretty good, though we have had some issues. Sometimes the performance is not good, and also sometimes we have sudden bugs causing difficulties. Therefore, it is hard for IBM to fix.

Scalability is good.

My experience with technical support depends. Sometimes, with Level 1, it is not good. However, when the case goes to Level 2, the support is pretty good.

The initial setup was pretty straightforward.

Senior management is aware that Guardium has saved the organization time and money

We just talked to IBM. If we have a problem, maybe they can offer us something new, new features, etc.

IBM Guardium is good.

Most important criteria when selecting a vendor: reliability.