Internet Security Specialist at National Bank of Pakistan
Real User
2022-08-11T11:33:54Z
Aug 11, 2022
My organization has two teams using IBM Guardium Data Protection. One is an analyst team that looks after the solution, and the other is the SOC team in charge of monitoring events on IBM Guardium Data Protection. There's a team of five people in my organization that takes care of deploying the policies, and there's a team of twelve analysts that does the monitoring of events in all monitoring solutions used in the company, aside from IBM Guardium Data Protection events. Currently, the solution isn't being used to its full extent because it's still in the testing phase, and my organization is still new to the solution, so it has to check on the capabilities of IBM Guardium Data Protection and how it works. Users within my company still have to learn how to aggregate, how to send logs, which security tools to monitor, etc. The solution is still in the evaluation phase within the company, and there's still a need to check its performance and analyze its features. My advice to others looking into implementing IBM Guardium Data Protection is to first get familiar with the solution and compare it with other solutions. IBM Guardium Data Protection is a market leader, so I recommend that you deploy it or purchase it for the purpose of database security. It's a well-known product. I'm rating IBM Guardium Data Protection eight out of ten. My company is a customer of IBM Guardium Data Protection, with no IBM partnership.
Chief Information Security Officer at a financial services firm with 1,001-5,000 employees
Real User
Top 5
2022-05-06T10:32:49Z
May 6, 2022
I don't feel that our local partners are fully equipped with the technical knowledge of the product. Whenever we need support that requires technical expertise, we go to the IBM support portal. As a result, we experience time delays in terms of support and it would be helpful if the local partner improved their knowledge. The other option would be for IBM to provide some management training for the on-prem engineers. I rate the solution five out of 10.
Learn what your peers think about IBM Security Guardium Data Protection. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
Information Security Engineering Consultant at Optum
Real User
2022-04-11T18:30:00Z
Apr 11, 2022
I rate Guardium nine out of 10 overall. I rate Guardium 10 out of 10 for data activity monitoring and nine for vulnerability assessment. It's easy to implement and does its job. But I would rate it seven out of 10 in terms of advanced features. My advice to prospective users is to have a proper source to deploy it in your environment, or you're wasting money. The second thing is to know precisely what you want from Guardium. Is it DAM, VA, or are you going further? In terms of security posture, those lines should be clear.
Security Engineering, Team Lead at Fidelity Bank Plc
Real User
Top 5
2022-03-23T00:41:12Z
Mar 23, 2022
We use IBM Guardium Data Protection for our databases. I can't remember the version we're currently using. I don't think IBM Guardium Data Protection charges you based on the number of users, e.g. they charge based on the number of licenses, and it's either on a per-license or a per-data basis, so I cannot give the number of users currently using the application. Increasing the usage of IBM Guardium Data Protection depends on the budget. Nobody wants to increase costs, but costs are increasing, so I don't think we plan on increasing usage for the application. For the deployment of the application, we have the OEM and our technical team in charge. I'm giving IBM Guardium Data Protection a rating of nine out of ten.
Security Engineer at a tech services company with 501-1,000 employees
Real User
2021-12-15T17:35:00Z
Dec 15, 2021
Guardiam's accountability is good - by design, it doesn't give any root privilege to customers, which means we don't have highly important privilege for access to Guardiam. They use only a user level, so kernel-level users are prohibited, which means there aren't any accidental effects from the customer side. I would rate this solution as eight out of ten.
If you are looking to implement Guardium, you first need to understand your requirements. The objective of these database and security monitoring solutions is for compliance and auditing. You want a solution that will monitor everything, but the main objective is to monitor the right areas or the key parts of the area that should be monitored. This is the one thing customers should consider before choosing any database or similar solution. We have good relationships with our customers, so whenever they're looking for a solution, we try to partner with them and align them with a product that will meet their needs. Usually when we go with this product, we go with SQL first, then go for integration deployment. Our recommendations are based on customer requirements. Even if it's a good product, it may not be a good fit for the customer. I would rate this product an eight out of ten, just because there's always room for improvement.
Junior Software Engineer at a computer software company with 201-500 employees
Real User
2021-09-15T13:27:47Z
Sep 15, 2021
IBM, in general, is the best. I would recommend this solution to others. I am not familiar with other products. I only know IBM Guardium. I would rate IBM Guardium Data Protection a nine out of ten.
DBA at a manufacturing company with 10,001+ employees
Real User
Top 20
2021-07-30T21:38:16Z
Jul 30, 2021
If I were choosing a solution now, I would probably look at Imperva and Insights, and go the agentless route, rather than deal with collectors. They still have them with the new system, but they're a little lighter weight. From a manageability perspective, from a scalability perspective, in terms of supporting model databases, they seem to be more viable solutions moving forward. I rate this solution an eight out of 10.
I can definitely recommend IBM Guardium and we are going to continue using and promoting it in the future. I have been working with IBM for approximately 13 years and I've personally found that IBM products are very useful. However, the problem is that IBM's product stack isn't fully present in this country and there is a clear lack of industry resources, so customers remain unaware of their products and they are not adopting products even though this product is very good. Whenever we are talking about the idea of data protection we talk about IBM's solution, Guardium Data Protection. The main problem is that customers often throw questions like, "What about deployment? What about the support? Are we going to get good support from the local team?" They're not bothered about portal support, they talk about the internal market industry resources. That's where we come in. So even though I am recommending IBM, I know some customers will also like Oracle AVDF. I would rate IBM Guardium Data Protection an eight out of ten.
We would recommend this solution to others. It is a good solution at a good price, and your data is invaluable. I would rate IBM Guardium Data Protection a nine out of ten.
Chief Information Security Officer at a financial services firm with 1,001-5,000 employees
Real User
Top 5
2020-07-28T06:50:18Z
Jul 28, 2020
We're looking to upgrade the solution soon. I'm not sure which version we are currently using. I would recommend others considering the solution to make sure they get local partners who can basically deploy the product. They need to have someone with sound experience. I have found a partner who applies the product often just simply deploys it and they don't have a use case available. They don't have the right experience. You need to choose your partner carefully or be ready to work hard yourself to deploy the product in the best possible way. I would rate the solution seven out of ten.
Information Security Consultant at a tech services company with 51-200 employees
Reseller
2020-06-08T06:11:04Z
Jun 8, 2020
My advice to anybody who is implementing this solution is to start small, with a test environment, and then scale it up. This way, if there is a fault at the beginning then it won't be multiplied by the time you have a larger deployment and are fully integrated. In this way, you will see if it meets the requirements. Overall, this is a wonderful product. I would rate this solution an eight out of ten.
VP - Enterprise Security & Cloud Business at a tech vendor with 1,001-5,000 employees
Real User
2020-06-03T06:54:50Z
Jun 3, 2020
This is one of the core applications for customers and is not something like an endpoint security or perimeter security. It's a specialized use case. This is a textured product and the brand equity of IBM means it's reliable. I have long-term relationships with my clients and wouldn't like to deploy something that gives me problems. This is a good product. I would rate this solution an eight out of 10.
From my experience, I find that IBM Guardium is pretty good and I would recommend it. The monitoring and analytics capabilities make it a very good product, although we have had intermittent problems with our database connectors so it is not perfect. I would rate this solution a nine out of ten.
Trusted Security Advisor at a tech services company with 501-1,000 employees
Real User
2019-06-04T07:43:00Z
Jun 4, 2019
When it comes to implementing this solution, it is important for people to know exactly what they need to do. This includes what they need to monitor, what they need to protect, and what kinds of queries they want to prevent. They shouldn't rely on having this tool teach them what they need to do. Next, people need to make sure that they are getting proper support. This can be from the vendor, by having an advanced SLA for example, or a strong local partner to help them. If they have any trouble, especially something urgent, then they want to have this support in place. The third thing is to have somebody who is trained to take care of the system. Assuming that it is easy and that anybody can handle it will be the start of a larger problem. It will not seem too much at the beginning, but after a year they will be unhappy with the product. It is important to recognize that there are several milestones for any Guardium project. Our consultant, for example, is an expert in that domain. He usually submits a project plan showing the implementation stages for the project. There are prerequisites that have to be put in place and verified, then Guardium deployed on the server. This can be either a physical or virtual server. Then the database configuration begins, which is followed by the fine-tuning phase. Finally, all of the appropriate documentation for these aspects has to be compiled. The length of time required for all of this depends on the requirements. I would rate this solution an eight out of ten.
IBM Security Guardium Data Protection automatically discovers and classifies sensitive data from across the enterprise, providing real-time data activity monitoring and advanced user behavior analytics to help discover unusual activity around sensitive data.
Deploy the solution to help discover regulated data in your data stores and use pre-built templates for regulations such as PCI, SOX, HIPAA, CCPA and many more, to streamline and automate compliance workflows.
This tool works very well with IBM products but not so well with other tools. I rate the solution six out of 10.
I recommend this solution and rate it nine out of 10.
My organization has two teams using IBM Guardium Data Protection. One is an analyst team that looks after the solution, and the other is the SOC team in charge of monitoring events on IBM Guardium Data Protection. There's a team of five people in my organization that takes care of deploying the policies, and there's a team of twelve analysts that does the monitoring of events in all monitoring solutions used in the company, aside from IBM Guardium Data Protection events. Currently, the solution isn't being used to its full extent because it's still in the testing phase, and my organization is still new to the solution, so it has to check on the capabilities of IBM Guardium Data Protection and how it works. Users within my company still have to learn how to aggregate, how to send logs, which security tools to monitor, etc. The solution is still in the evaluation phase within the company, and there's still a need to check its performance and analyze its features. My advice to others looking into implementing IBM Guardium Data Protection is to first get familiar with the solution and compare it with other solutions. IBM Guardium Data Protection is a market leader, so I recommend that you deploy it or purchase it for the purpose of database security. It's a well-known product. I'm rating IBM Guardium Data Protection eight out of ten. My company is a customer of IBM Guardium Data Protection, with no IBM partnership.
I rate IBM Guardium Data Protection 10 out of 10. Anyone can understand this product.
I would give Guardium a rating of eight out of ten.
I don't feel that our local partners are fully equipped with the technical knowledge of the product. Whenever we need support that requires technical expertise, we go to the IBM support portal. As a result, we experience time delays in terms of support and it would be helpful if the local partner improved their knowledge. The other option would be for IBM to provide some management training for the on-prem engineers. I rate the solution five out of 10.
I rate Guardium nine out of 10 overall. I rate Guardium 10 out of 10 for data activity monitoring and nine for vulnerability assessment. It's easy to implement and does its job. But I would rate it seven out of 10 in terms of advanced features. My advice to prospective users is to have a proper source to deploy it in your environment, or you're wasting money. The second thing is to know precisely what you want from Guardium. Is it DAM, VA, or are you going further? In terms of security posture, those lines should be clear.
We use IBM Guardium Data Protection for our databases. I can't remember the version we're currently using. I don't think IBM Guardium Data Protection charges you based on the number of users, e.g. they charge based on the number of licenses, and it's either on a per-license or a per-data basis, so I cannot give the number of users currently using the application. Increasing the usage of IBM Guardium Data Protection depends on the budget. Nobody wants to increase costs, but costs are increasing, so I don't think we plan on increasing usage for the application. For the deployment of the application, we have the OEM and our technical team in charge. I'm giving IBM Guardium Data Protection a rating of nine out of ten.
I rate IBM Guardium Data Protection a seven out of ten.
Guardiam's accountability is good - by design, it doesn't give any root privilege to customers, which means we don't have highly important privilege for access to Guardiam. They use only a user level, so kernel-level users are prohibited, which means there aren't any accidental effects from the customer side. I would rate this solution as eight out of ten.
Personally, I would not recommend this product.
If you are looking to implement Guardium, you first need to understand your requirements. The objective of these database and security monitoring solutions is for compliance and auditing. You want a solution that will monitor everything, but the main objective is to monitor the right areas or the key parts of the area that should be monitored. This is the one thing customers should consider before choosing any database or similar solution. We have good relationships with our customers, so whenever they're looking for a solution, we try to partner with them and align them with a product that will meet their needs. Usually when we go with this product, we go with SQL first, then go for integration deployment. Our recommendations are based on customer requirements. Even if it's a good product, it may not be a good fit for the customer. I would rate this product an eight out of ten, just because there's always room for improvement.
I would recommend this solution to others. I rate IBM Guardium Data Protection a nine out of ten.
I rate IBM Guardium nine out of 10. I would absolutely recommend the solution to others.
IBM, in general, is the best. I would recommend this solution to others. I am not familiar with other products. I only know IBM Guardium. I would rate IBM Guardium Data Protection a nine out of ten.
If I were choosing a solution now, I would probably look at Imperva and Insights, and go the agentless route, rather than deal with collectors. They still have them with the new system, but they're a little lighter weight. From a manageability perspective, from a scalability perspective, in terms of supporting model databases, they seem to be more viable solutions moving forward. I rate this solution an eight out of 10.
I can definitely recommend IBM Guardium and we are going to continue using and promoting it in the future. I have been working with IBM for approximately 13 years and I've personally found that IBM products are very useful. However, the problem is that IBM's product stack isn't fully present in this country and there is a clear lack of industry resources, so customers remain unaware of their products and they are not adopting products even though this product is very good. Whenever we are talking about the idea of data protection we talk about IBM's solution, Guardium Data Protection. The main problem is that customers often throw questions like, "What about deployment? What about the support? Are we going to get good support from the local team?" They're not bothered about portal support, they talk about the internal market industry resources. That's where we come in. So even though I am recommending IBM, I know some customers will also like Oracle AVDF. I would rate IBM Guardium Data Protection an eight out of ten.
We would recommend this solution to others. It is a good solution at a good price, and your data is invaluable. I would rate IBM Guardium Data Protection a nine out of ten.
We're looking to upgrade the solution soon. I'm not sure which version we are currently using. I would recommend others considering the solution to make sure they get local partners who can basically deploy the product. They need to have someone with sound experience. I have found a partner who applies the product often just simply deploys it and they don't have a use case available. They don't have the right experience. You need to choose your partner carefully or be ready to work hard yourself to deploy the product in the best possible way. I would rate the solution seven out of ten.
My advice to anybody who is implementing this solution is to start small, with a test environment, and then scale it up. This way, if there is a fault at the beginning then it won't be multiplied by the time you have a larger deployment and are fully integrated. In this way, you will see if it meets the requirements. Overall, this is a wonderful product. I would rate this solution an eight out of ten.
This is one of the core applications for customers and is not something like an endpoint security or perimeter security. It's a specialized use case. This is a textured product and the brand equity of IBM means it's reliable. I have long-term relationships with my clients and wouldn't like to deploy something that gives me problems. This is a good product. I would rate this solution an eight out of 10.
From my experience, I find that IBM Guardium is pretty good and I would recommend it. The monitoring and analytics capabilities make it a very good product, although we have had intermittent problems with our database connectors so it is not perfect. I would rate this solution a nine out of ten.
When it comes to implementing this solution, it is important for people to know exactly what they need to do. This includes what they need to monitor, what they need to protect, and what kinds of queries they want to prevent. They shouldn't rely on having this tool teach them what they need to do. Next, people need to make sure that they are getting proper support. This can be from the vendor, by having an advanced SLA for example, or a strong local partner to help them. If they have any trouble, especially something urgent, then they want to have this support in place. The third thing is to have somebody who is trained to take care of the system. Assuming that it is easy and that anybody can handle it will be the start of a larger problem. It will not seem too much at the beginning, but after a year they will be unhappy with the product. It is important to recognize that there are several milestones for any Guardium project. Our consultant, for example, is an expert in that domain. He usually submits a project plan showing the implementation stages for the project. There are prerequisites that have to be put in place and verified, then Guardium deployed on the server. This can be either a physical or virtual server. Then the database configuration begins, which is followed by the fine-tuning phase. Finally, all of the appropriate documentation for these aspects has to be compiled. The length of time required for all of this depends on the requirements. I would rate this solution an eight out of ten.