IBM Security Guardium Data Protection Reviews

We want to avoid unauthorized manipulation of data. We evaluated use cases like database discovery, identification of sensitive data, and installation and configuration of custom policies. We also conducted POC for alerts on DDL and DML commands, activity logs of users, restricted access for specific users, reporting, and dashboarding.

The tool helps detect invalid login attempts within a specific time frame.

The solution lacks control over database security.

Our database team has conducted a POC of the solution with the service provider. We plan to purchase the solution.

The support manager of IBM in Pakistan supported us in onboarding the technical and salespersons. They helped us draft and create the solution for our company. The support was above average.

Positive

The price is average. The tool is not cheap, but it is not expensive. The solution is worth the money.

There are other solutions like Imperva, but there are no service providers in Pakistan. We need local support as we need multiple deployments.

Since I have not implemented the product yet, I would give it an average rating. Overall, I rate the product an eight out of ten.

We are resellers of this solution and IBM partners. I'm a manager of security solutions.

Data encryption is a good feature and I also like the data masking functions. This is a technically strong solution.

The only downside is that the deployment is complex and requires special expertise to deploy.

We've been using this solution for seven years. 

In terms of stability, this is one of the top solutions. Our customers are happy with it.

The solution is scalable; scalability depends on the number of databases more than number of users. Accounts can be expanded without any impact on performance. 

IBM do a good job in terms of technical support.  

Positive

The deployment requires trained people because it's complex. It's better to go with the vendor for implementation because they are specialized.  

I recommend this solution and rate it nine out of 10. 

The primary use case of the product is for compliance, in order to create a report on the security of data, where the data is, and access to the information.

The solution helps us to easily manage data security and comply with regulations by providing comprehensive reports and data monitoring capabilities.

It is very easy to obtain reports and manage the reporting interface. It also supports various platforms like SQL, IBM database, and Oracle.

The user interface could be improved and modernized. Additionally, IBM could enhance their support in some cases.

I've been using IBM for more than six months.

The product is very solid and stable, offering reliable protection.

The support could be improved, particularly regarding response times for some modules. I would rate their support a seven out of ten.

Neutral

I couldn't say much about the return on investment.

The pricing is good, and I have no problem with it. Although there is no flexibility to compete with other products, it generally costs between one hundred and three hundred thousand per year depending on the configuration and size of the installation.

I would recommend Guardium because it is a very solid and stable protection, mainly due to its extensive cloud coverage and support for multiple platforms.

I'd rate the solution nine out of ten.

We use it for activity monitoring and vulnerability assessments.

The features I like are the robust policies, which allow us to create customized monitoring based on specific activities. 

Also, the dynamic encryption and masking functionality is interesting. And the vulnerability assessment feature is comprehensive; we can scan for specific vulnerabilities.

The main issue I have with IBM Security Guardium Data Protection is the support. It's not good.  They're slow, and they don't seem to resolve issues effectively. We have an ongoing problem that they haven't been able to fix.

We had an issue with the setup that we've been trying to resolve. The reports are not coming out the way I want them to.

I'm not enjoying the support. They don't always resolve issues, and sometimes logged cases seem to disappear. The support is not good for me. They should resolve issues as they're escalated.

It's stable. However, it does require a lot of resources. 

I would rate the stability a six out of ten. 

The solution itself is straightforward. The implementation was fine.

We set up the central manager, the archive, agents on the database servers, and S-TAPs on the collectors. Then, we configured policies and reports.

I would recommend using it. It is good for database protection. 

The product itself is good, but the support is lacking. I'd rate it a seven out of ten.

We use IBM Security Guardium Data Protection for real-time monitoring, data protection, recovery of sensitive objects, and vulnerable data scanning for databases.

It is a flexible tool for enterprises. It protects sensitive data and blocks unauthorized access to the data.

They could enable the out-of-the-box feature to track application user activity. It will help us observe the activities closely. Another area for potential improvement is implementing a feature for rate limiting the observed set returned to the client against security in a particular session.

We have been using IBM Security Guardium Data Protection for two years.

It is a stable solution. However, they could enable an in-built feature to track user activity for the applications connected to databases. When users enter credentials to authenticate themselves, Guardium should also log the activity and enter its database.

I rate the platform's scalability an eight out of ten.

The technical support services are good.

Neutral

The initial setup process is user-friendly. The deployment time depends on different components, including the collector, SAP agent, immediate and integrator, central manager, deployment size, scalability needs, and specific business use cases. It's relatively easy to implement, but the organization's specific requirements determine the simplicity or complexity. The number of databases to be observed, data classification criteria, and the desired role implementations are crucial considerations. It requires one or two engineers and analysts to execute the process. They are responsible for installing and configuring the components, including agents and collectors. After that, we can collect the logs from the database based on rules and policies to analyze them. It is easy to maintain as well.

The product's pricing is reasonable and affordable. It is in the moderate range.

I recommend IBM Security Guardium Data Protection to others and rate it an eight out of ten. It is a very good enterprise-grade solution.

We use this product to protect our information. It provides the added feature of including some protective marking rules on the data. Security is the overall high-level objective for us using this solution. We are customers of IBM and I'm a tech lead.

If anyone is trying to access unauthorized data, it sends out an immediate alert to those concerned. 

Unfortunately, we're unable to use this solution for a NoSQL database, which is limiting. The UI needs to be improved so that instead of everything coding in the backend, it's coded on the front end. Guardium has limitations so most companies using advanced technologies have stopped using this tool because it doesn't have the capability to identify the PII data in flat files. Most companies are moving towards big data.

I've been using this solution for three years. 

The product is somewhat outdated, but it's stable.

If you implement it on the cloud, it's scalable. But once you scale the solution, dumping the business rules, establishing the configured profile, and maintaining those profiles is a very tedious process. Rather than a centralized solution, it would be better to have a distributed environment. In that case, different servers and different nodes, with each node having control over some of the applications, would be better. 

The support level is based on your license. There is a seating license based on the number of users and a concurrent license that is unlimited. If you're at L1, the support is very responsive. For L2 and L3 things move more slowly.

The initial setup needs a lot of coordination and effort. It also requires an information security officer to identify the risk levels of the applications. Monitoring requires a dedicated infrastructure team. We carried out the deployment in-house. Implementation time depends on the degree to which you want to scale and what you're using it for. 

Deployment requires admin support, enterprise-level LDAP authentication services, and application leads. Depending on your infrastructure, you may also require an information security officer and security team as well as security engineers.

There are various licensing models. 

This tool works very well with IBM products but not so well with other tools. 

I rate the solution six out of 10. 

Before IBM Guardium Data Protection, we didn't have any solution. We wanted to check our database activities, for example, admin activities, so with IBM Guardium Data Protection, we created some use cases and also wanted to check up on the use cases in our environment, so we deployed the solution. Right now, we have three or four use cases for IBM Guardium Data Protection: creation, table deletion, and making changes to the table, and we receive alerts when any of those activities happen.

IBM Guardium Data Protection improved our organization by providing visibility into our database functions. Before using the solution, we didn't have that visibility until we took the data logs and integrated them. We didn't have visibility into database bots. We didn't know which users or admin users were able to get into the databases even without specific privileges. Now, with IBM Guardium Data Protection, we have visibility into all details by just collecting the logs on the aggregator, then integrating the aggregator and team logs, so our security analysts can check all the user logs and use cases we created to monitor databases, and view them all on a single screen. IBM Guardium Data Protection gave us one console for monitoring data, so we won't have to look at more than one screen or use other monitoring solutions.

What I like about IBM Guardium Data Protection is that some of its features were deployed by collectors during the installation phase. The solution has collector and aggregator features, license installation, and even server patches that you won't find in other security providers. I like the collector-aggregator capabilities of IBM Guardium Data Protection where you install each component on separate servers, then on the aggregator, you collect all the logs on a central server or central console.

Right now, we're in the development phase for IBM Guardium Data Protection, so I don't have any recommendations about additional features and room for improvement in the solution. We're very excited to work on IBM Guardium Data Protection because we are new to the solution, and we're still exploring product features. We're very excited about integrations and use case creation, and it's only after six to eight months that I'll be able to share my recommendations in terms of additional features the solution should have.

We did find some difficulty in deploying IBM Guardium Data Protection here in Pakistan because of the lack of resources.

We just deployed IBM Guardium Data Protection, so we've only been using the solution for a month or so, and we're using it because it was included in the package we purchased from IBM.

IBM Guardium Data Protection is working very smoothly, even during installation, so at the moment, my company hasn't experienced any stability issues, compatibility issues, and performance issues, so it's a stable solution.

In the future, we will scale IBM Guardium Data Protection if we have the need, but right now, we are not in the scaling phase. We're only implementing and working with what we have currently.

The support for IBM Guardium Data Protection is good if you're communicating with techs from the US, the UK, or Europe, but where I'm located, the support you'll mostly get is from India and South Asia because of matching time zones. India-based or South Asia-based support isn't very experienced, so at the end of the day, you have to escalate the ticket to the US or Europe team for issue resolution.

On a scale of one to five, with one being the worst and five being the best, my experience with IBM Guardium Data Protection technical support is three out of five.

Deploying IBM Guardium Data Protection was a little bit difficult for us because of the limited resources available here in Pakistan. Very few people can implement the solution successfully in their organizations because of a lack of experience. There are only two or three organizations here that have implemented IBM Guardium Data Protection, and our organization is one of those.

The people who handled the deployment of the solution within the company weren't experienced at deploying IBM Guardium Data Protection, so we faced some difficulties, but at the end of the day, all teams worked very, very passionately. It took us almost six months to deploy the solution within our organization.

We coordinated with different teams about server availability, connection availability, and database integration with IBM Guardium Data Protection to complete the implementation of the solution.

It's still too early to tell if there's ROI from IBM Guardium Data Protection, but I hope that it gives the company ROI. The solution is very popular all over the world, so my company procured it and deployed it in the environment.

My company purchased IBM Guardium Data Protection in a package, so I'm unable to give its exact licensing cost, but for the package of three IBM solutions, it wasn't very expensive. I'd rate the pricing for all three solutions three out of five. When my team deployed IBM Guardium Data Protection, all features were included.

We didn't evaluate other solutions before using IBM Guardium Data Protection because we purchased an IBM package of three SIEM solutions: IBM QRadar, IBM Resilient, and IBM Guardium Data Protection.

My organization has two teams using IBM Guardium Data Protection. One is an analyst team that looks after the solution, and the other is the SOC team in charge of monitoring events on IBM Guardium Data Protection.

There's a team of five people in my organization that takes care of deploying the policies, and there's a team of twelve analysts that does the monitoring of events in all monitoring solutions used in the company, aside from IBM Guardium Data Protection events.

Currently, the solution isn't being used to its full extent because it's still in the testing phase, and my organization is still new to the solution, so it has to check on the capabilities of IBM Guardium Data Protection and how it works. Users within my company still have to learn how to aggregate, how to send logs, which security tools to monitor, etc. The solution is still in the evaluation phase within the company, and there's still a need to check its performance and analyze its features.

My advice to others looking into implementing IBM Guardium Data Protection is to first get familiar with the solution and compare it with other solutions. IBM Guardium Data Protection is a market leader, so I recommend that you deploy it or purchase it for the purpose of database security. It's a well-known product.

I'm rating IBM Guardium Data Protection eight out of ten.

My company is a customer of IBM Guardium Data Protection, with no IBM partnership.

Guardium is a robust solution that provides reliable results. Customers are satisfied with its ease of use and switch from competing products to Guardium. One customer implemented Guardium within two months and found it fully secured their databases. Before Guardium, they faced implementation issues and unreliable monitoring reports. Now, they are expanding Guardium to protect more databases.

The only issue is opening the remote connection to the client. IBM needs to focus more on improving remote connectivity. Microsoft and Cisco provide remote connectivity and have gained customer appreciation.

The solution needs some functionality or features to be added. It might not cover Big Data.

I have been using IBM Security Guardium Data Protection since 2016.

The product is stable.

The tool is scalable.

Support is very good.

Positive

The initial setup is straightforward.

We contracted with the company. It was one of the smoothest implementations we ever had. We started and did the kickoff. After two months, they sent us the closure, acceptance server, and invoices.

The solution has a reasonable and competitive price. FortiDB is cheaper, but it doesn't provide full functionality. You can get cheaper products if you want a product to cover the audit point and don't care about the functionality. If you need a functional solution to help you, you should consider Guardium.

I recommend this solution to medium and big companies. Small customers do not need to maintain it a lot. The price and value they will get from it are worth it, especially if they need to monitor many databases and manage their environment. Guardium can help them see who accesses the databases to prevent data breaches and monitor the audit trail. Smaller companies with one or two databases can manage them by themselves, but Guardium becomes more valuable as the size of their databases and the number of users grow.

Overall, I rate the solution a ten out of ten.