We are using IBM Guardium Data Protection for activity monitoring, blocking users, entitlement for knowing the privilege for users, and Guardium data features.
Security Specialist at a tech services company with 51-200 employees
Supports many databases, scalable, and straightforward installation
Pros and Cons
- "The solution supports a lot of databases."
What is our primary use case?
What is most valuable?
The solution supports a lot of databases.
For how long have I used the solution?
I have been using IBM Guardium Data Protection for approximately three years.
What do I think about the stability of the solution?
IBM Guardium Data Protection is stable.
Buyer's Guide
IBM Security Guardium Data Protection
October 2024
Learn what your peers think about IBM Security Guardium Data Protection. Get advice and tips from experienced pros sharing their opinions. Updated: October 2024.
814,763 professionals have used our research since 2012.
What do I think about the scalability of the solution?
The solution is scalable.
We have approximately six people using the solution.
How are customer service and support?
The technical support has been very good.
How was the initial setup?
IBM Guardium Data Protection's installation is straightforward and takes a few hours.
What about the implementation team?
We have five people that do the implementation and maintenance of the solution.
What's my experience with pricing, setup cost, and licensing?
The price of the solution could be better.
What other advice do I have?
I would recommend this solution to others.
I rate IBM Guardium Data Protection a nine out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Information Security Analyst at a tech services company with 501-1,000 employees
Capture mode collects all activity and Collector stores the data for traceability
Pros and Cons
- "The most valuable feature is using the capture operation mode “S-TAP/K-TAP agent”, because all activities in the database are captured, including direct access to the database server by privileged users. This is useful because, even if the database server logs were deleted, the Guardium Collector has already stored such data to enable traceability of access."
- "The possible number of databases and database servers which can be monitored by Guardium is high. For me, this is a differentiator of IBM."
- "I have already mentioned to IBM that a primary need is to improve the number of records in the reports above 65,535."
What is our primary use case?
Guardium is used based on our Manual of Internal Procedures (MPI), and its uses range from creating a rule to generating customized reports. The main use case is the procedure "Investigate Incidents Recorded by Unauthorized Access," with action "notify by electronic message the manager and/or leader of the area."
How has it helped my organization?
Improved security through the visibility and control of all access to the databases.
What is most valuable?
The most valuable feature is using the capture operation mode “S-TAP/K-TAP agent”, because all activities in the database are captured, including direct access to the database server by privileged users. This is useful because, even if the database server logs were deleted, the Guardium Collector has already stored such data to enable traceability of access.
What needs improvement?
I have already mentioned to IBM that a primary need is to improve the number of records in the reports above 65,535.
For how long have I used the solution?
One to three years.
What do I think about the stability of the solution?
Depending on the policy and rules applied, there is a need to increase the minimum requirements (RAM and storage - HD) for better operation and not to experience hardware slowdowns due to the high flow of traffic. IBM brings the "minimums" and "recommendation." From experience in versions 9x and 10x, when installing Guardium, it's important to verify the "recommendation" requirements of IBM for stability. It is worth mentioning that the requirements (minimums or recommendation) are different for Collector and aggregator.
What do I think about the scalability of the solution?
The two major Database Audit and Protection (DAP) solutions are IBM Guardium and Imperva SecureSphere. There are two modes of operation of these solutions: remote agent and sniffer (out-of-band). I recommended using the remote agent to obtain direct access captures on servers.
Note that in non-mainframe environments, both solutions are scalable. For the mainframe environment, Guardium has updated installation agents with the latest kernels and releases. This makes a big difference in companies with mainframes, so it is necessary to keep the technology pack updated.
Regardless of the mode of operation, when increasing the number of servers monitored it is important to re-evaluate or perform new sizing. The possible number of databases and database servers which can be monitored by Guardium is high. For me, this is a differentiator of IBM.
How are customer service and technical support?
On a "bad, good, and excellent" scale, I rate it as good.
Which solution did I use previously and why did I switch?
Initially, there were two solutions to be evaluated: Oracle and Imperva. Oracle DAP was not evaluated because it does not monitor Linux or Windows Server-only environments.
I evaluated Imperva and got good results. However, there is a delay by Imperva in creating updated agents for Linux and Unix, including for mainframe. For me, this is a problem because it is necessary to always keep the environment up to date. If you update the kernel or release of mainframes and do not have the agent upgraded, the DAP will not monitor.
How was the initial setup?
For those who do not have experience, it is complex. There are several configurations to be made, from the configuration of NTP, IP, Mask, registration of the Collectors in the Central Manager, integration with other tools like storage (backup), LDAP, SIEM, through to the application of the policies and customized rules. Note: There are some pre-set rules that can also be customized.
What's my experience with pricing, setup cost, and licensing?
The price of Guardium is higher than the main competitor, Imperva. In addition, it's complex as the calculation of the licensing is done by Processor Value Unit (PVU).
However, before purchasing a DAP solution, it is important to analyze specific points to evaluate the cost-benefit of each tool. For example: Does the environment to be monitored have mainframes? If so, it's a point for Guardium. If not, a point for Imperva. Note: IBM is looking into a new licensing policy and reducing the price of Guardium.
What other advice do I have?
- Read important articles related to DAP such as the "2017 Planning Guide for Security and Risk Management."
- Gather information from the servers (operating system with version and database types with the versions) of the environment to be monitored.
- Check which DAP solutions can monitor the environment.
- List the “mandatory requirements” and “non-mandatory requirements.” It is important to have in mind which points will be evaluated.
- Request PoCs with the main DAP manufacturers (IBM, Imperva, and Oracle).
- Do the sizing with the topology to get an idea of the requirements and cost of the project.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
IBM Security Guardium Data Protection
October 2024
Learn what your peers think about IBM Security Guardium Data Protection. Get advice and tips from experienced pros sharing their opinions. Updated: October 2024.
814,763 professionals have used our research since 2012.
Business Development Manager at a tech services company with 10,001+ employees
It made the setup easy for us
Pros and Cons
- "Encryption is not straightforward, but Guardium made the setup easy for us."
- "It needs an integration with Optum."
What is our primary use case?
Database encryption.
What is most valuable?
- Encryption
- Data activity monitoring
- It has a set of modules.
- I compliment with Optum for a data masking solution.
What needs improvement?
An integration with Optum. Optum is another solution, but it is a segmenting software, portfolio not security. However, I am selling them together as one solution, Guardium and Optum.
For how long have I used the solution?
Less than one year.
How are customer service and technical support?
I am dependent on my team for support of this product.
Which solution did I use previously and why did I switch?
My main solution was Micro Focus voltage data encryption solution, but it was too complicated.
How was the initial setup?
Encryption is not straightforward, but Guardium made the setup easy for us.
What other advice do I have?
Most important criteria when choosing to partner with a company: I started working with IBM only one year back. When I started a partnership with them, IBM had the security portfolio which covered most of the region where my customers were. IBM has a name with the support along the quality of its products.
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller.
IT Manager at a financial services firm with 1,001-5,000 employees
Very good for security and compliance, simple to use and manage
What is our primary use case?
The primary use case is security of our data in the bank.
Performance is very good.
How has it helped my organization?
Security. This is the main capability that you have in this solution.
In terms of compliance, we need to track users, database logins, and run inquiries. Guardium stores this log information very well. We don't use it for compliance with industry regulations like SOX, PCI or GDPR.
We have integrated Guardium with our database, SQL server, Hadoop, and Oracle Database. The integration is very simple. We just installed the solution and the rest was very simple.
I believe Guardium save us time and money. Upper management is aware of these savings.
What is most valuable?
It's simple to use and managing the solution. It's very, very good for security and tracking users and databases in the organization.
What do I think about the stability of the solution?
Stability is very good. I don’t have downtime with this solution.
How is customer service and technical support?
We used support to configure Guardium with Hadoop only. The support was good. I did not need to escalate this ticket.
What's my experience with pricing, setup cost, and licensing?
The pricing was for a big package, including all IBM products. As such, it was good value.
Which other solutions did I evaluate?
I don’t know because I am new in this company. I don’t know the history.
What other advice do I have?
When selecting a vendor, I look at the price and the scope of solution.
My advice is to use this solution. For security and compliance it is very, very good.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Senior IT Consultant, Pre-Sales Manager, Project Leader at a tech services company with 51-200 employees
Fulfills the international standard security requirements, such as PCI DSS.
What is most valuable?
- Database Activity Monitoring: Fulfills the international standard security requirements, such as PCI DSS
- It is very transparent on all of the query access controls of the monitored databases
How has it helped my organization?
According to my client, it fulfills the PCI DSS standard requirements that are implemented in his bank.
What needs improvement?
The graphics are so lame. I am sure that the latest version of Guardium, Version 10, would have improved it perfectly.
I see that they have improved the chart and diagram in the latest version of Guardium. However, there are some limitations on how the chart displays the data for analytic needs.
I am not sure if Guardium has the dashboard design to see the information much better.
For how long have I used the solution?
I have used it for three years.
What do I think about the stability of the solution?
We did encounter stability issues. Do not upgrade directly to the latest fix pack unless people have confirmed that it is stable.
What do I think about the scalability of the solution?
There were no scalability issues.
How is customer service and technical support?
Technical support is always available for you. I suggest the following:
- Call IBM and make a Severity 2 request instead of Severity 3 request.
- Ask them to provide remote access to your system right away.
- Prepare the log files that they usually request.
What's my experience with pricing, setup cost, and licensing?
They have changed the way of licensing. It is no longer according to your core. It is now based on how many servers you use. The price should be way less expensive.
Disclosure: My company has a business relationship with this vendor other than being a customer: Optus Solution is an IBM Business partner and I work for Optus. If you are looking for a company or a consultant, you may contact me via my email: lin.guangming2010@gmail.com.
Head, Cybersecurity at a tech services company with 11-50 employees
Flexible reporting with excellent discovery classification and vulnerability assessment
Pros and Cons
- "The reporting side is also very, very good, especially its flexibility which allows you to tailor the reports to whatever information you want."
- "An improvement would be to make the pricing relative in terms of regions."
What is our primary use case?
I mainly use this solution to monitor the activity happening in the database.
What is most valuable?
The most valuable features are the modules, discovery classification, and vulnerability assessment. The reporting side is also very, very good, especially its flexibility which allows you to tailor the reports to whatever information you want. It also has the advantage of architectural data collection from the database.
What needs improvement?
An improvement would be to make the pricing relative in terms of regions. In the next release, IBM should incorporate more AI capabilities to better detect vulnerabilities.
For how long have I used the solution?
I've been using Guardium for four years.
What do I think about the stability of the solution?
Guardium is a stable system.
What do I think about the scalability of the solution?
You can scale Guardium up and down according to your needs.
How are customer service and support?
IBM's technical support is very good.
How would you rate customer service and support?
Positive
How was the initial setup?
The initial setup will be straightforward for those with technical experience but may be more challenging for less experienced users.
What's my experience with pricing, setup cost, and licensing?
Guardium's pricing is quite high, but it gives good value for money for all sizes of enterprises, especially for partners.
What other advice do I have?
I would give Guardium a rating of eight out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Audit Process Builder enhances audit tasks and compliance workflows
Pros and Cons
- "Audit Process Builder – Workflow generator to enhance audit tasks and compliance workflows."
- "Compliance Quick Start – Quick, GUI, step-by-step guide to automate compliance and give the customer a quick ROI."
- "Needs easier integration with custom applications."
What is our primary use case?
As a registered IBM Business Partner, our main interaction is to deploy Guardium at client sites.
What is most valuable?
- Audit Process Builder – Workflow generator to enhance audit tasks and compliance workflows.
- Compliance Quick Start – Quick, GUI, step-by-step guide to automate compliance and give the customer a quick ROI.
What needs improvement?
Needs easier integration with custom applications.
For how long have I used the solution?
Three to five years.
What other advice do I have?
I would give the product a score of eight out of 10. This is due to its deep level of granularity and guided process/audit workflow generation.
Disclosure: My company has a business relationship with this vendor other than being a customer: IBM Business Partner.
President at a tech vendor with 1-10 employees
Helps us support security initiatives and compliance policies like HIPAA and PCI
Pros and Cons
- "It provides a comprehensive security for databases, both on-prem and on the cloud. Among the advanced features we use automatic backups, DR."
- "More predictive, using Watson AI would be good."
What is our primary use case?
To provide cyber security for databases.
It has performed very well.
How has it helped my organization?
It has made us more responsive and more productive, more efficient.
We use Guardium to support security initiatives and compliance policies. We are in the healthcare world, so it helps us with HIPAA compliance. It has also helped us with PCI. We haven't gone with GDPR.
We have not yet integrated Guardium with other systems we use.
It has saved us time and money by definitely making us more productive. Senior management is aware of this.
What is most valuable?
It provides a comprehensive security for databases, both on-prem and on the cloud.
Among the advanced features we use automatic backups, DR. We'd like to implement more predictive, using Watson.
What needs improvement?
More predictive, using Watson AI would be good.
What do I think about the stability of the solution?
It's very stable.
What do I think about the scalability of the solution?
It's scalable.
How are customer service and technical support?
We sometimes use technical support from IBM. It has been good, very good.
Which solution did I use previously and why did I switch?
We were using traditional cyber security stuff. But this is a pretty good product. We became an IBM business partner, we are a cyber security business partner for IBM. We have other products besides Guardium that we are marketing.
The most important criteria when selecting a vendor are their
- stability
- quality
- support.
How was the initial setup?
It was straightforward.
What other advice do I have?
Buy it.
Disclosure: My company has a business relationship with this vendor other than being a customer: IBM Business Partner.
Buyer's Guide
Download our free IBM Security Guardium Data Protection Report and get advice and tips from experienced pros
sharing their opinions.
Updated: October 2024
Product Categories
Database SecurityPopular Comparisons
Informatica Intelligent Data Management Cloud (IDMC)
Imperva SecureSphere Database Security
Oracle Audit Vault
Protegrity Data Security
Voltage SecureData Enterprise
Oracle Advanced Security
Trustwave DbProtect
DataSunrise Database Security
Vormetric Application Crypto Suite
IBM InfoSphere Optim Data Privacy
BMC Compuware Topaz Enterprise Data
Buyer's Guide
Download our free IBM Security Guardium Data Protection Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- IBM Guardium vs Imperva SecureSphere Database Security
- IBM Guardium Data Protection vs. Vormetric Application Crypto Suite for a tech services company
- How does IBM Guardium Data Protection compare with Imperva SecureSphere Database Security?
- What are the differences between IBM Guardium and Imperva?
- When evaluating Database Security, what aspect do you think is the most important to look for?
- IBM Guardium vs Imperva SecureSphere Database Security
- What is the difference between "data protection in transit" vs "data protection at rest"?
- Audit Vault vs. InfoSphere Guardium?
- Database security tools comparison report?
- Why is Database Security important for companies?