We use the analytical functionality of Guardium, but the analytical functionality is not so powerful or flexible because it does not include the application user ID. It only includes the database user ID. To identify risky users, it does not support end users, so IBM must incorporate this feature into the built-in analytical engine of the Guardium.

There is only one problem I experienced while using Guardium: the internal database of the collector is MySQL, which is not so powerful or flexible. When you make a query in a MySQL database, it takes too much time to respond. IBM should replace this MySQL database with a more powerful internal database for the logging mechanism so that Guardium can collect logging data flexibly and ensure optimization.

My overall experience with Guardium is good. The only problem is that IBM must replace the internal DB, MySQL, with a more powerful enterprise-level database because enterprises use it at an enterprise level, and MySQL does not support optimally.

It was not as easy to use. The user-friendliness of it was somewhat lower than what I was expecting. It was also lacking in terms of the ease of the setup. There should be an automatic agent for deployment.

It was also expensive.

The interface could be improved by having sub-groups of tests, ultimately making the process of collecting tests faster. As it is now, the test list is fairly long.

The only problem is that some of the reports come up with blanks and missing data. In this area, it's a challenge, especially when there is a lot of traffic on the servers that you are trying to monitor. Sometimes the reports come out with question marks.

Building policies is not that easy. Some things are turned off by default, for example, displaying values. Maybe it's a good security feature, but sometimes the user finds it frustrating because they are expecting to see the result set.

The biggest challenge is in building policies because you have to involve users and stakeholders.

When you are training a user, there is a disconnect with the classroom-lead IBM training. The training is intensive. For five days you are hammered, but when it comes to doing it, it's a different understanding, so users find it difficult.

Pricing could be improved. Small firms shy away from IBM because of the pricing.

In the next release, I would like to see some third party support. A different way the developers can build the entire application. We would like to see more applications added. It is called IBM Security Exchange, so this is where you find that IT is going to develop some apps that can be run on Guardium. If you go to IBM QRader or SIEM for example, they have many applications that you can add to your existing deployment that are the same for Guardium.