Try our new research platform with insights from 80,000+ expert users
PeerSpot user
-- at a tech services company with 51-200 employees
Consultant
Provides regulatory compliance proof and evidence for audit
Pros and Cons
  • "The ability to collect the data without database administers being able to modify it."
  • "It provides us regulatory compliance proof and evidence for audit."
  • "Performance and the ability to use resources could be improved."
  • "The ability for Central Managers to talk to one another could be improved. I have 26 Central Managers and 26 silos which are independent."

What is our primary use case?

  • Database access monitoring
  • Vulnerability assessment
  • PCI compliance
  • SOX compliance
  • GDPR compliance 

How has it helped my organization?

  • It provides us regulatory compliance proof and evidence for audit. 
  • It allows us to find bad actors. 
  • It allows us to find people who are doing stupid things, and do it without the intervention and loss of data integrity of the people that we are monitoring manipulating the data.

We have integrate IBM Guardium with ArcSight and Splunk.

What is most valuable?

The ability to collect the data without database administrators being able to modify it.

What needs improvement?

  • There are some GUI improvements that I have provided to development already.
  • Performance and the ability to use resources could be improved. 
  • The ability for Central Managers to talk to one another could be improved. I have 26 Central Managers and 26 silos which are independent.
  • Some of the data handling or data recording could be improved. We are doing it with external software, components, etc. 
Buyer's Guide
IBM Security Guardium Data Protection
November 2024
Learn what your peers think about IBM Security Guardium Data Protection. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
816,406 professionals have used our research since 2012.

For how long have I used the solution?

More than five years.

What do I think about the stability of the solution?

For the most part, it is stable. Depends on the year.

What do I think about the scalability of the solution?

It has scaled. It was pulling teeth, but it does scale. 

We taught IBM about the limits of the product. They did not think there were limits to the product. There were, because we do very extensive testing of performance. We can tell you when a product is going to break. Their development thought this was valuable because they do not have the facilities to do this sort of extensive testing.

How are customer service and support?

Technical support is very knowledgeable now. 

At one time, they were horrible since they were blue washed. After the blue wash and a couple of years on the honeymoon, then they have gotten considerably better. They have had problems understanding that they do not know as much about the company's environment as the employee does. This will result in them downgrading tickets, and they will just do it on the fly. This is not a good thing because they do not understand the issue. This may not look like a sub 1 ticket to IBM support, but it is.

Which other solutions did I evaluate?

We went in and tested it. We continually test everything that is in the industry. Guardium has significantly gone past the mark of acceptable every single time, as compared to their other competitors.

What other advice do I have?

Overall, it is a very solid product. 

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
PeerSpot user
it_user842865 - PeerSpot reviewer
Database Administrator at a financial services firm with 11-50 employees
Real User
Automates detection of access to restricted data across our multiple platforms
Pros and Cons
  • "It does not require our involvement to run it. It runs in the background and the people that do the reporting do so. The reports go to the directors who are in charge of the various data areas. It's pretty clean. Clearly there is some setup, but after you get it set up it just goes."
  • "This is a multi-platform solution that consolidates everything and centralizes support for it."

    What is our primary use case?

    It's a security product that works across multiple platforms, in our case it's the mainframe and the midrange. We use it to detect when somebody accesses restricted data and report on it.

    So far it has performed quite well, we're happy with it.

    How has it helped my organization?

    We used to use cobbled-together scripts, different products and different pieces on different platforms. This is one consolidated tool so one report comes out for each director and it's clean and easy. There is some scripting involved to tell it what is important and what is not important - which is important to us.

    In terms of security initiatives and compliance policies within our organization, that's basically what we use it for: the reporting of who touches what data. And that goes up to the directors and they approve or get mad at you and ask you why you did something.

    IBM Guardium probably helps us comply with industry regulations like SOX, PCI, or GDPR, but the big driver was more internal and audit-related, rather than industry-related.

    We haven't integrated Guardium with other systems we have.

    It has saved us time and money. As I mentioned, we had a bunch of cobbled-together scripts that were manually maintained for different platforms. This solution automated all that and made it such that the security administrators can run it themselves and not involve us. So there is less "people effort." Senior management is aware of the savings.

    What is most valuable?

    It makes the auditors happy.

    It does not require our involvement to run it. It runs in the background and the people that do the reporting do so. The reports go to the directors who are in charge of the various data areas. It's pretty clean. Clearly there is some setup, but after you get it set up it just goes.

    I have no idea what the advanced features are, so we're probably not using them.

    What needs improvement?

    Lower pricing would always be good but apparently we're getting our money's worth or we wouldn't be using it.

    What do I think about the stability of the solution?

    I'm pretty impressed with the stability. There was medium-sized initial effort getting it configured and set up and doing what we wanted it to do, but it just runs and we don't have to deal with it.

    What do I think about the scalability of the solution?

    We run it on the mainframe and on the midrange platforms and we haven't had any performance issues of any kind. We haven't really had to scale it. We pick and choose what's important to us, so we don't monitor everything. If we were going to monitor everything it would probably be an issue, something we would have to address.

    How are customer service and technical support?

    I have not used tech support personally. We did have some support help at the beginning, learning it and getting it set up.

    Which solution did I use previously and why did I switch?

    We were previously using homegrown scripts. We decided to switch primarily because this is a multi-platform solution that consolidates everything and centralizes support for it.

    When selecting a vendor, we reviewed two other products, but the main reason was that this is a multi-platform solution and it worked well in our environment.

    How was the initial setup?

    I was not directly involved but I was involved somewhat since I had worked with some of the systems in the past, so maybe some requirements gathering.

    The setup seemed pretty straightforward to me.

    What other advice do I have?

    We're very happy with it. It depends on what your needs are, but it meets our needs.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Buyer's Guide
    IBM Security Guardium Data Protection
    November 2024
    Learn what your peers think about IBM Security Guardium Data Protection. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
    816,406 professionals have used our research since 2012.
    PeerSpot user
    Database Security Specialist at a tech services company with 51-200 employees
    Consultant
    Provides database activity monitoring. Can discover databases on your network and find their vulnerabilities.

    What is most valuable?

    • Monitors database activities of end users who are connected to databases (DBAs and developers)
    • Classifies critical objects on the databases
    • Discovers databases on your network
    • Finds vulnerabilities of your databases
    • Blocks critical activities

    How has it helped my organization?

    • Helps us define and monitor critical data in the environment, even when stored in RDBMS, big data, or unstructured files.
    • Helps us to pass compliance audits, such as like HIPAA, SOX, and PCI.

    What needs improvement?

    The blocking and dynamic data masking features need improvement.

    For how long have I used the solution?

    I am working as an IBM partner. We have provided solutions for nearly 50 customers for five years. Most of our customers are banks and telecoms.

    What do I think about the stability of the solution?

    IBM Security Guardium is a mature product. Although it needs agents on the server to monitor their database or file traffic, we did not encounter serious issues so far.

    How are customer service and technical support?

    IBM has three layers for Guardium support. In critical cases, technical support analyzes the issues very quickly to find a solution.

    Which solution did I use previously and why did I switch?

    I did not use another solution before this one.

    How was the initial setup?

    The setup is straightforward. There is an ISO file that is developed by IBM that contains all of the OS and Guardium application files. All that remains to be done is to configure the post-installation settings.

    What's my experience with pricing, setup cost, and licensing?

    Licensing is the worst part of the product. This is because IBM uses Processor Value Units (PVUs) to calculate the license. The customers complain about this.

    In the latest version of the product, there are four types of licenses:

    • DAM (Database Activity Monitoring)
    • DAM Advanced
    • FAM (File Activity Monitoring)
    • FAM Advanced

    If you only need database activity monitoring, then DAM is enough.

    If you need blocking and masking features, you will need the DAM Advanced license.

    Which other solutions did I evaluate?

    I did not evaluate other options. I am an IBM partner.

    What other advice do I have?

    There are three main steps when implementing a Data Activity Monitor (DAM) solution.

    1. Discover and Classify: Find your databases in your environment, and decide which one of them has confidential data that you need to monitor. Classify your data in your database if it includes critical data like personal ID, credit card, or IMEI numbers.
    2. Monitor Activities: Monitor all end-user activities while developing your policy rules and critical activities.
    3. Block Critical Activities: Define and block critical activities to prevent data leakage.
    Disclosure: My company has a business relationship with this vendor other than being a customer: I am an IBM partner.
    PeerSpot user
    it_user589479 - PeerSpot reviewer
    Security Consultant at a energy/utilities company
    Consultant
    Captures data requests from various sources and consolidates them for analysis.

    What is most valuable?

    It captures all data requests regardless of the source and consolidates them for analysis.

    How has it helped my organization?

    The ability to audit across multiple data environments led to a greater understanding of the data traffic and the potential weaknesses in the access controls. This eased the creation of audit trails for customers.

    What needs improvement?

    Reporting has always been a weakness, but it has improved across the versions. In early versions, the reporting always seemed like a late add-on, and the graphics were poor. This has improved over the years and the reporting is a lot better now, with greater filtering and display options.

    For how long have I used the solution?

    I have used this solution with various clients for ten years.

    What do I think about the stability of the solution?

    There were issues with stability of the agent software in previous versions, but it is less of an issue now.

    What do I think about the scalability of the solution?

    The only issues are when users have not maintained the collection policies or the archiving and aggregation policies correctly. Units can fill up if not maintained and managed.

    How are customer service and technical support?

    Over the years, it has changed many times, but the US support is very good.

    Which solution did I use previously and why did I switch?

    I have often replaced internal database auditing features with Guardium. The main reason for the switch was to segregate the auditing from the database administrators.

    How was the initial setup?

    It is very dependent on the environment in which it is being installed. It can be complex if users do not take the time to build their policies carefully.

    What other advice do I have?

    Take your time. Think about the elements you want to audit. Don't just audit everything. Understand the normal traffic, so you can focus on the abnormal traffic.

    Disclosure: My company has a business relationship with this vendor other than being a customer: I am a freelance implementer for the product, so I am known to the company and they have used me in the past.
    PeerSpot user
    PeerSpot user
    Information Security Analyst at a government with 1,001-5,000 employees
    Real User
    The query rewrite and redaction functions provide flexible/dynamic control of our data.

    What is most valuable?

    The database activity monitoring and firewall features of Guardium address our database security requirements. The combination of policies, alerts, baselines, reports, and query rewrite functions are easy to use and provide enough room for customization.

    How has it helped my organization?

    It provides us more visibility and control of our business functions. The query rewrite and redaction functions also provide flexible/dynamic control of our data, which is indeed helpful for complex scenarios.

    What needs improvement?

    The backend database requires improvement for faster searching. This makes it easier for analysts to investigate older data.

    For how long have I used the solution?

    I have been using Guardium since mid-2013.

    What do I think about the stability of the solution?

    I did not encounter any major stability issues in the last three years, except a couple of minor issues with S-TAP agents.

    What do I think about the scalability of the solution?

    The solution is easily scalable.

    How is customer service and technical support?

    I mostly get quick support although I did not encounter any complex error yet. I rate technical support at 7/10.

    How was the initial setup?

    The installation and configuration of a collector is simple and straightforward. The ease of deployment is dependent on whether you choose agent-based monitoring or network traffic, SPAN-based monitoring.

    What's my experience with pricing, setup cost, and licensing?

    The Guardium licensing is based on PVU and as a result, the solution became a bit costly. I am not aware of the licensing and pricing model of its competitors. But if the focus is pricing, then one can consider other options as well.

    Which other solutions did I evaluate?

    We were considering DbProtect but at that time, DbProtect had no support for Teradata.

    What other advice do I have?

    If you have enough budget for database security, you must evaluate this product for your use cases.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    it_user775272 - PeerSpot reviewer
    it_user775272senior customer support at a tech vendor with 1,001-5,000 employees
    Vendor

    Thanks Farhan for unbiased comments with Guardium

    reviewer1131528 - PeerSpot reviewer
    Technical Manager at a computer software company with 51-200 employees
    Real User
    Effective monitoring, scalable, but less coding requirements needed
    Pros and Cons
    • "There are different modules but the most valuable ones are firewalling and masking. Additionally, the auditing of the entire database is helpful, which includes all the activity of the database users and administrators. We can monitor everything and log as well."
    • "If IBM Guardium Data Protection could find a way to not have a lot of coding and development required to get the solution up and running it would be an advantage. The information of the agent could improve, which is necessary for us to monitor the databases would be a great benefit."

    What is our primary use case?

    We use IBM Guardium Data Protection mostly for data masking and firewalling. We restrict the administrators and other users from altering or deleting anything from the databases.

    What is most valuable?

    There are different modules but the most valuable ones are firewalling and masking. Additionally, the auditing of the entire database is helpful, which includes all the activity of the database users and administrators. We can monitor everything and log as well.

    What needs improvement?

    If IBM Guardium Data Protection could find a way to not have a lot of coding and development required to get the solution up and running it would be an advantage. The information of the agent could improve, which is necessary for us to monitor the databases would be a great benefit.

    For how long have I used the solution?

    I have used IBM Guardium Data Protection within the last 12 months.

    What do I think about the stability of the solution?

    The solution is quite stable compared to the other solutions that we have worked with. However, it requires a lot of development, or it requires a lot of effort to make it deployable in a customer location, which makes it very difficult.

    What do I think about the scalability of the solution?

    IBM Guardium Data Protection is scalable.

    How was the initial setup?

    The solution is good and stable but you need some manual efforts in terms of development and programming or coding to get the solution up and running, which does make it a bit challenging if you don't have a large team.

    What other advice do I have?

    I rate IBM Guardium Data Protection a seven out of ten.

    Disclosure: My company has a business relationship with this vendor other than being a customer: Integrator
    PeerSpot user
    it_user842892 - PeerSpot reviewer
    Cyber Security Architect at a tech services company with 11-50 employees
    Real User
    Our clients use Accelerators to help with PCI and GDPR compliance
    Pros and Cons
    • "We have integrated IBM Guardium​ with IBM Watson Curator. They access Curator to identify and correlate other actions the user is doing to determine if this is a legitimate action or not."

      What is our primary use case?

      We have implemented it on an industrial network to monitor the production of medicines. This is something that is very controlled by Brazilian regulations and we have to keep an audit trail for this data. Trying to enable it on SQL Server - that was our client's main server - the load would go so high that they couldn't use the application anymore. They are using Guardium now so they can produce that audit trail for audit compliance.

      How has it helped my organization?

      We have integrated IBM Guardium with IBM Watson Curator. They access Curator to identify and correlate other actions the user is doing to determine if this is a legitimate action or not.

      In terms of advanced features, our clients are starting to implement it on an order basis so they can get to GDPR and the like; those Accelerators. They also use it a lot for PCI, to get access to credit cards.

      Guardium has saved us time and money, mainly on the discovery process and senior management is aware of this, of course.

      What is most valuable?

      The Audit Trail.

      What needs improvement?

      They could improve the Data Masking a little.

      What do I think about the stability of the solution?

      Stability is quite good. We had some problems, but support is very effective so we were able to solve them very quickly.

      We had instability with reports, they were giving some errors. I don't know exactly what had happened because I wasn't the one involved, but we couldn't access reports.

      How are customer service and technical support?

      Tech support is very good.

      Which solution did I use previously and why did I switch?

      We knew we needed to switch because of that problem with the audit trail, that SQL couldn't keep up with what we needed to do for auditing. That's why we had to search for a new solution.

      How was the initial setup?

      It's very easy.

      What other advice do I have?

      I would rate it an eight out of 10 because it is very stable; we had some problems but they were solved, and we can do what we need to do.

      Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
      PeerSpot user
      PeerSpot user
      BI Consultant /Data Security at a tech services company with 51-200 employees
      Consultant
      You can divide roles, creating safe access zones; manage credentials; and access rules.

      What is most valuable?

      • Detailed and customizable reports with real-time alerts for the full vision of database/files activity.
      • Versatile rules for access control in real-time including blocking, masking, etc.: These rules are really helpful to fulfill enterprise security specifications. With them, you could divide roles, creating safe access zones; manage credentials; and access rules. The rules are easy to develop and customize.

      What needs improvement?

      • UI: Version 10 of Guardium was introduced with a new UI that was completely redesigned. Some fast-access functions and options are not easy to find in the new UI.
      • Real-time masking is a bit simple and doesn't allow you to create complex masking rules.

      For how long have I used the solution?

      I have about one year of hands-on experience.

      What do I think about the stability of the solution?

      I have not encountered any stability issues.

      What do I think about the scalability of the solution?

      I have not encountered any scalability issues.

      How are customer service and technical support?

      Technical support is 9/10. I participated in communication with tech support only once.

      Which solution did I use previously and why did I switch?

      I did not previously use a different solution.

      How was the initial setup?

      Initial setup is straightforward. All the commands are simple to understand. The installation guide is simple and comprehensive.

      Which other solutions did I evaluate?

      Before choosing this product, I evaluated Imperva products.

      What other advice do I have?

      This product could by easily used with other security products; for example, SIEM products such as IBM QRadar and ArcSight.

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      PeerSpot user
      Buyer's Guide
      Download our free IBM Security Guardium Data Protection Report and get advice and tips from experienced pros sharing their opinions.
      Updated: November 2024
      Product Categories
      Database Security
      Buyer's Guide
      Download our free IBM Security Guardium Data Protection Report and get advice and tips from experienced pros sharing their opinions.