Try our new research platform with insights from 80,000+ expert users
Junior Software Engineer at a computer software company with 201-500 employees
Real User
Secure, easy to scale, easy installation, and reliable
Pros and Cons
  • "IBM Guardium Data Protection is very good at keeping your database secure."
  • "It would be helpful, and convenient to improve the Chat support."

What is our primary use case?

We are using this solution for a PoC.

IBM Guardium Data Protection is used to create policies, and rules for database access management.

What is most valuable?

IBM Guardium Data Protection is very good at keeping your database secure.

What needs improvement?

It would be helpful, and convenient to improve the Chat support.

For how long have I used the solution?

I have been using IBM Guardium Data Protection for four months.

Buyer's Guide
IBM Security Guardium Data Protection
November 2024
Learn what your peers think about IBM Security Guardium Data Protection. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
816,636 professionals have used our research since 2012.

What do I think about the stability of the solution?

I have not had any issues with the stability.

What do I think about the scalability of the solution?

IBM Guardium Data Protection is a scalable solution.

Currently, as we are conducting PoCs, I am the only user. We created an in-house environment at my office. It is not yet ready to be used at the commercial level.

How are customer service and support?

They have good support when they are opening a case, but when on the Chat, the support is not good.

It would be helpful, and convenient to improve the Chat support.

How was the initial setup?

We had IBM appliances, which made it very easy to add. 

We added it to the virtual machine.

The installation was complete in 20 minutes.

What about the implementation team?

I was able to complete the installation myself.

What's my experience with pricing, setup cost, and licensing?

We are working with the trial version.

Licensing fees are paid on a yearly basis.

I don't have all of the information regarding the pricing, but my understanding is that it is on the high side. 

What other advice do I have?

IBM, in general, is the best. I would recommend this solution to others.

I am not familiar with other products. I only know IBM Guardium.

I would rate IBM Guardium Data Protection a nine out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Information Technology Consultant at a outsourcing company with 501-1,000 employees
Real User
Top 5Leaderboard
Good monitoring, analytics, and data loss prevention capability
Pros and Cons
  • "From the perspective of analysis and prevention, this product is pretty accurate."
  • "Sometimes the connectors to the databases need to be manually updated and we have to configure them again, which is something that should be improved."

What is our primary use case?

The primary use case is for ensuring compliance with databases. It allows monitoring of what kind of statements and alterations are going on, as well as who is accessing what data.

How has it helped my organization?

IBM Guardium is useful for organizations that require compliance such as banks, insurance companies, and pension plans. Having it available allows us to focus on those clients.

What is most valuable?

The most valuable features are data loss prevention and data protection.

From the perspective of analysis and prevention, this product is pretty accurate.

What needs improvement?

Sometimes the connectors to the databases need to be manually updated and we have to configure them again, which is something that should be improved.

For how long have I used the solution?

I have been working with this solution for one year.

What do I think about the stability of the solution?

This is a reliable product.

What do I think about the scalability of the solution?

It is easy to scale. There are more than 5,000 users in total, although it does not run on all of the servers or user workstations.

How are customer service and technical support?

The technical support from IBM for this solution is pretty good. Support via email is available and overall, it is reliable.

Which solution did I use previously and why did I switch?

This is the first database security solution that I have worked with.

How was the initial setup?

I found the initial setup to be complex. There are a lot of connections between different components and it is not straightforward. Our deployment took approximately three days.

What about the implementation team?

We had the assistance of a system integrator.

What other advice do I have?

From my experience, I find that IBM Guardium is pretty good and I would recommend it.

The monitoring and analytics capabilities make it a very good product, although we have had intermittent problems with our database connectors so it is not perfect.

I would rate this solution a nine out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
IBM Security Guardium Data Protection
November 2024
Learn what your peers think about IBM Security Guardium Data Protection. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
816,636 professionals have used our research since 2012.
Securead44 - PeerSpot reviewer
Trusted Security Advisor at a tech services company with 501-1,000 employees
Real User
Proven record of preventing unauthorized access and modifications to our customer's data
Pros and Cons
  • "It allows us to put in controls to make sure that only the right persons access the proper records in the database."
  • "The biggest complaint that I hear from customers and users is that using this solution requires database skills, yet it is a security and monitoring tool."

What is our primary use case?

This solution is for database security and protecting the core of the data. It allows us to put in controls to make sure that only the right persons access the proper records in the database. It prevents unauthorized access.

For example, a customer may want to restrict the database so that it is accessible only from within a specific application. This means that the database administrator will not be able to access the data from outside of the application, as is normally allowed by their administrative rights. It can prevent the administrator from seeing or modifying any data for which they are not allowed to do so.

It is also possible to set specific permissions, such as restrictions on the field, table, or record level of the database. Only people with explicit permissions can view or modify the data.

How has it helped my organization?

One of our clients is a passport authority, and they were able to successfully apply this solution to detect corruption within their organization. There had been some employees who had been illegally changing the status of some residents in return for money. Once this solution was deployed, they detected that somebody was making those changes in the database, caught the people, and stopped it from happening again. It was a big finding.

What is most valuable?

This solution has a lot of functionality and there are hundreds of use cases for it. We are talking about the database, which is the main business core for the company that holds all of the data. The features used by any one customer are dependent on their requirements and the relevant regulations.

That said, IBM Guardium has a lot of capabilities, even compared to other solutions on the market. It can do everything from detection to prevention, and it provides reports about this as well.

What needs improvement?

The biggest complaint that I hear from customers and users is that using this solution requires database skills, yet it is a security and monitoring tool. Specifically, it is a tool that is used for monitoring the database administrator. The database expert will not want you to implement control on top of him, so you instead need to utilize a person from security. However, security people do not have a complete set of database skills. So, there is always a gap in the administration and the person who is going to manage this tool. As such, the person using this tool feels that it is complicated, doesn't know where to go and what to do.

I have heard that the latest version has better support, with better access, and a better GUI that is easier to use than before. At the same time, this is still one of the main concerns that I always hear from the customers.

The second most common complaint that I hear is in regards to the support from IBM. Some of the cases are open for a very long time because they do not have local engineers to come and look at the issues. In our region, my company is providing 24/7 support to help close these gaps. This has strengthened our presence in the market, but in other regions, this is still a complaint that customers have.

For how long have I used the solution?

More than six years.

What do I think about the stability of the solution?

The feedback that I have heard from customers, and my team, is that the solution is very stable. It does not require a lot of things after it is set up for the first time. Once it is fine-tuned, you do not need to do much other than generate and show reports.

At the same time, I do still hear complaints directly from customers about stability. Specifically, it has to do with making changes. If there is an S-TAP agent installed on the service then sometimes the configuration needs to be changed. This might be by adding a new rule or policy. After this, the server needs to be restarted. It is impossible to frequently stop and restart a service when it is in production.

My team justifies this by saying that it only happens infrequently, at a rate of perhaps once a year. However, the customers still see it as a very difficult task that makes their lives tough. Other than this, I have not heard any complaints about stability.

What do I think about the scalability of the solution?

This is a highly scalable solution, but it requires a lot of resources.

For example, I know of a big bank that has been a long-time user of this solution, but they were looking to replace it because they need forty-four Guardium severs in order to monitor their entire database farm. They feel that this is too much and will cost a lot. They do not have a new solution at the moment, although they are looking at other options.

Before this solution existed, people did not have really have anything in place. It was a new concept and it became critical when people came to understand database risks. In 2011 or 2012, many banks started to use Guardium, and since then, it has been spreading to other sectors such as government, transportation, and healthcare.

How are customer service and technical support?

The complaints that we have heard are about IBM support in general and are not specific to the Guardium solution. There are gaps because they do not offer local support in every region. 

Which solution did I use previously and why did I switch?

I cannot recall an instance where a customer switched to this solution from another one that they already had in place.

We have been assisting people with migrating from earlier versions to the current version.

How was the initial setup?

The installation of the database, itself, is very easy and straightforward. 

The initial setup involves configuring the database connection with Guardium so that it monitors it correctly. It also depends whether you want to deploy the protection method or not, which means that you need to deploy the S-TAP agent on the service where the database resides.

Beyond that, most of the configuration is in the policy, itself. This changes based on what you would like to monitor, what you want to prevent, and what kind of queries you want to block. For me, fine-tuning the policy is one of the most important elements of the implementation. It also depends on the customer's knowledge, and whether the customer knows exactly what he needs. Some customers want you to not only deploy the system but also to create the policy. You have to translate their internal policy into a configuration, which can really take a long time.

When you deploy using the basic implementation, it is usually only a week or two before you get complaints from the customer. They don't see the value in the solution because they are overwhelmed. So, fine-tuning the policy takes time, and it should be taken very seriously and with care.

If the customer knows exactly what he needs then the deployment can be done in two weeks.

In terms of maintenance, it does not require a staff member full time. One person can dedicate perhaps three hours a day for monitoring, reporting, and doing a health check of the system. We sometimes offer visits to customer sites daily or weekly. For example, we can assist the customer for two hours per week to monitor the system and ensure that everything is working properly. It really doesn't require much work.

What about the implementation team?

Because we are a distributor, we work between the partner and the vendor. When it comes to implementation, we can either assist the partner or work with the customer directly, based on what the customer wants.

Our Guardian expert is dedicated to that product, and will either visit the customer to perform the implementation himself, or he will align with a partner and they will go together. Most of the implementations are handled by ourselves.

What was our ROI?

I have not specifically calculated the ROI for any of our customers. However, I have shown them general ROI. For example, one incident of losing one record, either by mistake or intentionally by one of the admins, will cost you a certain amount. Moreover, it is important to consider how much you will pay to not have this happen again. These types of losses in the database may be critical data and can affect the company's reputation.

In general, deploying this solution will cost very little compared to the cost of losing data.

What's my experience with pricing, setup cost, and licensing?

In the past, the pricing of IBM Guardium was very complex. It was dependent on the number of CPUs and other things to support the servers. Nowadays, things have changed. Pricing is dependent on the number of databases and the number of servers.

The licensing fees are paid yearly. One of the deployments that I know of had three databases, and the yearly fees are approximately $50,000 USD.

There are some additional add-ons that are available, but I do not see many people taking them. There is encryption, and there is a Guardium Inspection license, but I am not sure of the costs.

Which other solutions did I evaluate?

The main competitor in the market is Imperva. They were originally not allowed in the Kingdom because of their country of origin, but they now have a local Saudi team. Some customers were approached by Imperva and did not know of Guardium, and simply went with that solution.

There is also a phenomenon in the market that is quite common when a new technology comes from the outside. Even if people don't have the full picture or details about the existing one, they feel that it is "old". Everybody has it, and they need something new. Because of this, we see a lot of people making the choice to go with Imperva. 

What other advice do I have?

When it comes to implementing this solution, it is important for people to know exactly what they need to do. This includes what they need to monitor, what they need to protect, and what kinds of queries they want to prevent. They shouldn't rely on having this tool teach them what they need to do.

Next, people need to make sure that they are getting proper support. This can be from the vendor, by having an advanced SLA for example, or a strong local partner to help them. If they have any trouble, especially something urgent, then they want to have this support in place.

The third thing is to have somebody who is trained to take care of the system. Assuming that it is easy and that anybody can handle it will be the start of a larger problem. It will not seem too much at the beginning, but after a year they will be unhappy with the product.

It is important to recognize that there are several milestones for any Guardium project. Our consultant, for example, is an expert in that domain. He usually submits a project plan showing the implementation stages for the project. There are prerequisites that have to be put in place and verified, then Guardium deployed on the server. This can be either a physical or virtual server. Then the database configuration begins, which is followed by the fine-tuning phase. Finally, all of the appropriate documentation for these aspects has to be compiled. The length of time required for all of this depends on the requirements.

I would rate this solution an eight out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user588594 - PeerSpot reviewer
Security Software Presales Specialist
Vendor
Reporting is automated and activity alerts are routed to the appropriate responders.

What is most valuable?

Heterogeneous support for data activity monitoring. I have not been able to find any other product that can monitor as many platforms from one application. Guardium can monitor Windows servers, Linux, Unix, mainframe, and big data environments from one policy. Guardium captures data access activity across networks and local connections.

How has it helped my organization?

We now have one go-to application for all data monitoring. This has decreased the number of skills needed and enabled a faster route to compliance. Reporting is automated and activity alerts are routed to the appropriate responders.

What needs improvement?

While Guardium is great at structured monitoring (DAM), the product is lacking features on the file activity side (FAM). We would also like to see tighter integration with Active Directory and Exchange monitoring.

For how long have I used the solution?

I have been using Guardium for seven years.

What do I think about the stability of the solution?

We had some minor issues with earlier versions around agent compatibility. These were solved through support.

What do I think about the scalability of the solution?

Guardium scales easily. Simply add another collector appliance and the system will balance the load across all available appliances.

How are customer service and technical support?

IBM support has been responsive and we rarely need to escalate.

Which solution did I use previously and why did I switch?

Previously, we were using home grown scripts and native database tools. The issue with this approach is the need for expertise on every platform and ending up with dozens of tools to manage.

How was the initial setup?

Guardium is an enterprise class product and, with that, does require some training. I would suggest any enterprise looking to implement Guardium to purchase some amount of services. There is an option for Quickstarts. Once you understand how the agents work and have setup the first few, the rest are relatively simple. The real work is aligning your business goals with the Guardium policies you create. We often know we need to monitor a system but are not exactly sure what policy is needed. There has to be collaboration between IT, business owners, and compliance.

What's my experience with pricing, setup cost, and licensing?

Previously, Guardium fell under the IBM PVU license model. This was complicated to license and costly. The new license structure is per server and includes all features. Now we simply count the number of servers to monitor and purchase accordingly.

Which other solutions did I evaluate?

Besides native database auditing, which is very resource intensive, and homegrown tools, there are not a lot of options out there. The closest competitor is Imperva. Imperva is a close second. We chose Guardium over Imperva based on the ability for greater custom reporting, more platform support, and better integration with other IT tools.

What other advice do I have?

Buy services. You do not need to have services for the entire implementation, but, at a minimum, invest in the Quickstart option to get up and running and to provide knowledge transfer. Once Guardium is installed on a few systems, it is very easy to add and manage.

Disclosure: My company has a business relationship with this vendor other than being a customer: My company sells, implements, and manages this product.
PeerSpot user
it_user549432 - PeerSpot reviewer
Senior IT Consultant at a government with 1,001-5,000 employees
Vendor
It can capture database queries and use policies to feed SIEM tools for deeper correlation and for analysis. It gives us a tamper-proof audit of logged data.

What is most valuable?

The Data Activity Monitor is the most valuable feature of this product.

It has the capability to capture database queries and is using policies to feed SIEM tools for deeper correlation and for analysis of cyber security concerns on monitored databases.

How has it helped my organization?

It provides our organization with an integrated and tamper-proof audit of logged data to ensure that the database activities are checked and operating according to the industrial best practices.

What needs improvement?

The maintenance and support aspects of the product need improvement.

Probably, it should be more related to the product patching method. Even though the support service was great, the resolution doesn't comes quick enough to address the client's issue. We understand those resolutions only exist in the next patch version after quality testing. However, till that release comes out, we have to suffer in silence with the bug issues.

For how long have I used the solution?

I have used this solution for around two and half years.

What do I think about the stability of the solution?

We have encountered issues with stability.

What do I think about the scalability of the solution?

We have encountered issues with scalability.

How are customer service and technical support?

I would give the technical support a 7/10 rating.

Which solution did I use previously and why did I switch?

We were not using any other product prior to this one.

How was the initial setup?

The setup was not straightforward. There was some level of complexity in setting it up.

What's my experience with pricing, setup cost, and licensing?

Ensure what you want to protect, since it is charged as per the database instances.

Which other solutions did I evaluate?

We evaluated a couple of other options.

I would not like to discuss this much as it affects the other companies' image and integrity. The competitive products have their own good and bad.

What other advice do I have?

You need to know what you want to protect very well.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user841947 - PeerSpot reviewer
Systems DBA at a insurance company with 1,001-5,000 employees
Real User
We are more efficient in demonstrating compliance but the reporting features need work
Pros and Cons
  • "Our internal audit is keeping an eye out, and making sure that we're in compliance. Having the Guardium solution and its reporting helps us get through that process a lot more quickly and efficiently."
  • "The most valuable feature for me, in my role as systems DBA, is the expediting of internal and external audits."
  • "The one thing that I would like to see improved, but I don't think it's going to be in the next release, is its reporting capabilities. I think that's been offloaded to another third-party product that I think IBM actually endorses for that."

What is our primary use case?

To protect the data. We're trying to monitor privileged users, get an idea of what's normal access, and to make sure that service account usage is only coming from the appropriate places, not being used by people from their own work stations.

How I would describe how well it's performing is that we are taking a slow and steady approach to it. Right now, I would say we're going from crawl to walk as far as usage goes; not using any of the sophisticated features, more getting the base implementation in place.

How has it helped my organization?

I think we have a better handle on who is accessing our data.

We use Guardium to support security initiatives and compliance policies within our organization. Our internal audit is keeping an eye out, and making sure that we're in compliance. Having the Guardium solution and its reporting helps us get through that process a lot more quickly and efficiently.

We're not using any of the workflow yet, but I would say yes, it is helping with compliance reporting. We're making sure that we're monitoring the usage of privilege accounts, managing the use of the service accounts.

We have not integrated Guardium with any other systems.

It has made us more efficient in demonstrating that we are in compliance, and enables to get through audit processes more quickly, which saves time and money.

What is most valuable?

Probably the most valuable feature for me, in my role as systems DBA, is the expediting of internal and external audits.

What needs improvement?

The one thing that I would like to see improved, but I don't think it's going to be in the next release, is its reporting capabilities. I think that's been offloaded to another third-party product that I think IBM actually endorses for that. It was built by the guy who helped develop Guardium but left IBM and spun up his own company. They found a need and they filled it. I think they filled it better than at least IBM thinks they can do for now.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

I'm not the administrator of the product so I don't know that I would be the best one to answer this. But from more of a consumer's perspective, the fact that the S-TAPs and such run on my systems, it has not caused us any problems; a little bit in the SQL Server space, but overall it has been good.

What do I think about the scalability of the solution?

I think that it's very scalable. You can spin up new Collectors and Aggregators as needed so, I'd say it's sufficient.

How are customer service and technical support?

I do not have experience with technical support. I know that our main Guardium guy is the head of the user group, so, he has used it. He has connections. He usually gets quick feedback because they know he is very visible.

Which solution did I use previously and why did I switch?

We had rolled our own stuff to do some of what Guardium does, but I think it was organizational recognition that switching was something that needed to be done. The monitoring and reporting was lacking in our organization. We had pockets where we had built our own, but now we're able to use one platform to do that monitoring for all of our database environments.

We went with IBM because it was a combination of functionality and familiarity, in that we have a lot of IBM products in-house, and it fit the criteria.

How was the initial setup?

It was straightforward.

Which other solutions did I evaluate?

We did evaluate others, but I couldn't tell you what they were because that was a couple of years ago.

What other advice do I have?

It does a good job for what it's designed to do. You may want to look into the enhanced reporting that's available by the third party, because some of the report-building features are not as nice as some of the third party's.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user542787 - PeerSpot reviewer
Senior Middleware Engineer at a tech company with 501-1,000 employees
Real User
We used it to harden databases by defining policies for alerting and blocking access to prohibited and restricted data.
Pros and Cons
  • "Database logging and audit functions are the most valuable features."
  • "I would like to be able to upgrade appliances within major versions without needing to rebuild the appliance."

What is most valuable?

Database logging and audit functions are the most valuable features. In some fields like banking, it's very important to be aware of the actions of database users, and ensure that those without the permission to access information do not access it.

How has it helped my organization?

We succeeded at hardening our customer databases by defining policies for alerting and blocking access to prohibited and restricted data.

What needs improvement?

I would like to be able to upgrade appliances within major versions without needing to rebuild the appliance. Once, I tried to upgrade a Guardium Appliance from v9.5 to v10 and there was no available patch for that. Therefore, the solution was to back up the appliance data, rebuild the appliance with the v10 image and then restore the data. This procedure is highly risky, because you can lose all the data if the restoration does not succeed. Installing a patch is much easier and there is no data loss risk!

For how long have I used the solution?

I have used it for 2 years.

What do I think about the stability of the solution?

I have not encountered any stability issues.

What do I think about the scalability of the solution?

I have not encountered any scalability issues.

How are customer service and technical support?

Technical support is unsatisfactory. IBM Support failed to provide me with the v9-v10 upgrade patch as it is suggested on a upgrade roadmap technote.

Which solution did I use previously and why did I switch?

Back when I was a developer, I developed an audit trail module in Java/JEE. Obviously, it was not as sophisticated as Guardium.

How was the initial setup?

Initial setup was straightforward.

Which other solutions did I evaluate?

Before choosing this product, I did not evaluate other options. We implement exclusively IBM products.

What other advice do I have?

At first, IBM Guardium may seem complicated, but once you learn the basics, it becomes simple to use.

Disclosure: My company has a business relationship with this vendor other than being a customer: We're IBM business partners.
PeerSpot user
it_user844488 - PeerSpot reviewer
Security Analyst at a insurance company with 1,001-5,000 employees
Real User
Supports security initiatives and ensures compliance policies, but ​It will not work as fast as you want
Pros and Cons
  • "Supports security initiatives and ensures compliance policies."
  • "We now have the ability to begin to understand how people, applications, and service accounts are interacting with data to better protect it."
  • "​It will not go as fast as you want. ​"
  • "Initial setup is very complex. Once you start interacting with people's databases, they get very hesitant. Then, the amount of social tasks to socialize the solution ensuring people are comfortable with it became a much heavier lift."

What is our primary use case?

Database activity management to ensure compliance audit regulations. It is also to manage risk. It is performing well, but we have a large journey to go.

How has it helped my organization?

Previously, we had no monitoring for our databases. Now, we have the ability to  begin to understand how people, applications, and service accounts are interacting with data to better protect it.

We use IBM Guardium to support security initiatives and compliance policies.

We have integrated IBM Guardium with QRadar.

What is most valuable?

Being able to go back to see what people are touching, and when they are touching it, then look at the risk of who is touching what and how they are touching the data. This will give us a better understanding of how people interact with our data. 

We do not use many of the advance features, but we will soon. We are looking at Sensitive Data and User Behavior Analytics.

What needs improvement?

It will not go as fast as you want. 

What do I think about the stability of the solution?

We are about 50 to 60 percent there. A lot of that has to do with us implementing it a little better, and redesigning what we thought would be their protection. We need to do a bit more efficient architecture, as some things are coming down the pipeline for the roadmap of the product.

What do I think about the scalability of the solution?

The scalability is not an issue, though it is not the easiest thing to scale. However, I seen the coming roadmap, where the scalability will be easier.

How is customer service and technical support?

I would rate technical support as fair. Unfortunately, it takes time to figure out an answer to our issues, because they are unique, not just a standard answer.

How was the initial setup?

It is very complex.

Pushing agents and tabs seems pretty standard from a technical perspective. Once you start interacting with people's databases, they get very hesitant. Then, the amount of social tasks to socialize the solution ensuring people are comfortable with it became a much heavier lift.

What other advice do I have?

There are a lot of things that could be better, but it is performing pretty well.

Take your time and learn each step. Make sure that you understand each step, because if you miss something, it will come back. Then, you have to circle back and figure it out anyway.

Most important criteria when selecting a vendor:

  • Price
  • Support
  • Reliability in the marketplace
  • Integration with other systems.
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
Buyer's Guide
Download our free IBM Security Guardium Data Protection Report and get advice and tips from experienced pros sharing their opinions.
Updated: November 2024
Product Categories
Database Security
Buyer's Guide
Download our free IBM Security Guardium Data Protection Report and get advice and tips from experienced pros sharing their opinions.