We performed a comparison between IBM Security Guardium Data Protection, IDERA SQL Compliance Manager, and Oracle Audit Vault based on real PeerSpot user reviews.
Find out what your peers are saying about IBM, Imperva, Oracle and others in Database Security."It allows us to put in controls to make sure that only the right persons access the proper records in the database."
"The tech support is very knowledgeable."
"We have integrated IBM Guardium with IBM Watson Curator. They access Curator to identify and correlate other actions the user is doing to determine if this is a legitimate action or not."
"IBM Guardium Data Protection has better integration options than most of the leading competitors on the market, and the price is always better."
"Our ability to see when users are accessing sensitive data."
"Our main focus for IBM Guardium is to support security initiatives and compliance policies within our organization. We use the DPD product for monitoring, especially for GDPR, SOX regulations and, of course, the vulnerability assessment that we use to make sure we're keeping up with our patches, making sure things are configured, making sure we're following the best practices."
"We are using it to do a lot of data discovery from a data classification for structured data."
"It does not require our involvement to run it. It runs in the background and the people that do the reporting do so. The reports go to the directors who are in charge of the various data areas. It's pretty clean. Clearly there is some setup, but after you get it set up it just goes."
"The initial setup was straightforward."
"The ability to track activity including the SQL statements is definitely valuable. I really like how the database is laid out. It's straightforward. I can query the back-end tables. I've made a few of my own email alerts based on the data and the tables. It's accessible."
"The tool can track logins and login failures. I made my own alert so that if there is a certain number of login failures for a server, it emails me. That is really useful. If I want logins to automatically lock out after a certain number of failed attempts, I can know when that happens."
"Our clients can see all of their past actions or the wrong activity done on the network. We can load the diagnostics for the business."
"This solution acts as a complete data warehouse for our audit data."
"The feature that I have found most valuable is that it can help us secure our databases."
"It is a good product for controlling all databases. It is helpful for auditing the data. When people are doing any actions on the databases, they are recorded automatically in the vault. You can work on the collected data to find out exactly what is happening on a database. You can implement database encryption on the databases to control people's access to the database content, such as rows and tables."
"Out-of-the-box policies ensure our compliance with standards like SOX, ISO 27001, and so on."
"Our client was scheduled to take a year and a half to set up compliance, but by deploying this product they were able to do the compliance reports within three months."
"All of the other components that make up the infrastructure in the environment including the operating system are also quite valuable."
"Oracle Audit Vault has a lot of great features, but what I find most valuable is the database firewall."
"I'd like to them make sure that the data sources can be more easily managed, because some of them are tied to multiple things. You try to remove one and you have to go to all the different spots to remove the associations before you can get rid of it."
"Setup can be complex. The documentation is in so many different locations, and a lot of times we have to leverage support and higher level resources to figure out the right steps to take."
"The integration part of the present solution is very complex and tedious. Plus it gives a lot of false positives which need to be eradicated over time."
"The analysis part of this product could be improved. It's a very comprehensive product, so the features it has complement customer requirements. But I would like to see more emphasis on analytics, and it would be great if they added machine learning. They already have analysis insights, but a comprehensive analytical feature that's already incorporated into the solution would be very helpful."
"The one thing that I would like to see improved, but I don't think it's going to be in the next release, is its reporting capabilities. I think that's been offloaded to another third-party product that I think IBM actually endorses for that."
"IBM should add more database security features to Guardium. They could add user profiling, anomaly detection, and machine learning. IBM has user profiling, but they need to strengthen it. It should make sense for the users. It should remove most of the false positives."
"Initial setup is very complex. Once you start interacting with people's databases, they get very hesitant. Then, the amount of social tasks to socialize the solution ensuring people are comfortable with it became a much heavier lift."
"The technical support is very poor."
"What would really a good thing is if you could refer to an external list or table for filtering on, say, certain applications, IP addresses, or host names; or perhaps even combinations of host name and application name."
"There is an agent that collects the data on SQL Server. Sometimes it will stop collecting. I'm not exactly sure what's happening but I have to go in and manually restart the agent. It would be nice if the central collection server could send a request to the agent to restart."
"I submitted a ticket (last year) about archiving/grooming of old records because the GUI functionality was not working. Per their recommendation, I ended up using a command line to do it."
"Its filtration and navigation are not the best."
"The set up is kind of clunky, in my opinion. It's not really intuitive. If they had either a smoother install or better instructions, that would be nice."
"One feature that is missing is the ability to have a secret server that is always encrypted."
"The product monitors only the database and not the operating systems."
"The support could improve."
"Stability could be improved, we have had some challenges"
"We would like to see the ability to administer and manage the solution through Enterprise Manager 13c, and development of the dashboards that are generally missing."
"Currently, you need two servers: one for Audit Vault and one for the firewall. If they can combine them into one server, it will be great because it is costly to have two servers. It will also make its installation easier. I have heard that in the new version, there will be only one server for both."
"Customized reporting is something that we are struggling with, and it is quite tough for us."
"They should simplify the integration and work with different vendors and mechanisms."
More IBM Security Guardium Data Protection Pricing and Cost Advice →
