IBM Security Guardium Data Protection Reviews

We want to avoid unauthorized manipulation of data. We evaluated use cases like database discovery, identification of sensitive data, and installation and configuration of custom policies. We also conducted POC for alerts on DDL and DML commands, activity logs of users, restricted access for specific users, reporting, and dashboarding.

The tool helps detect invalid login attempts within a specific time frame.

The solution lacks control over database security.

Our database team has conducted a POC of the solution with the service provider. We plan to purchase the solution.

The support manager of IBM in Pakistan supported us in onboarding the technical and salespersons. They helped us draft and create the solution for our company. The support was above average.

Positive

The price is average. The tool is not cheap, but it is not expensive. The solution is worth the money.

There are other solutions like Imperva, but there are no service providers in Pakistan. We need local support as we need multiple deployments.

Since I have not implemented the product yet, I would give it an average rating. Overall, I rate the product an eight out of ten.

We are resellers of this solution and IBM partners. I'm a manager of security solutions.

Data encryption is a good feature and I also like the data masking functions. This is a technically strong solution.

The only downside is that the deployment is complex and requires special expertise to deploy.

We've been using this solution for seven years. 

In terms of stability, this is one of the top solutions. Our customers are happy with it.

The solution is scalable; scalability depends on the number of databases more than number of users. Accounts can be expanded without any impact on performance. 

IBM do a good job in terms of technical support.  

Positive

The deployment requires trained people because it's complex. It's better to go with the vendor for implementation because they are specialized.  

I recommend this solution and rate it nine out of 10. 

The primary use case of the product is for compliance, in order to create a report on the security of data, where the data is, and access to the information.

The solution helps us to easily manage data security and comply with regulations by providing comprehensive reports and data monitoring capabilities.

It is very easy to obtain reports and manage the reporting interface. It also supports various platforms like SQL, IBM database, and Oracle.

The user interface could be improved and modernized. Additionally, IBM could enhance their support in some cases.

I've been using IBM for more than six months.

The product is very solid and stable, offering reliable protection.

The support could be improved, particularly regarding response times for some modules. I would rate their support a seven out of ten.

Neutral

I couldn't say much about the return on investment.

The pricing is good, and I have no problem with it. Although there is no flexibility to compete with other products, it generally costs between one hundred and three hundred thousand per year depending on the configuration and size of the installation.

I would recommend Guardium because it is a very solid and stable protection, mainly due to its extensive cloud coverage and support for multiple platforms.

I'd rate the solution nine out of ten.

We have been using Guardium for data protection. In my company, we use it primarily to test the database for personal information protection. We also use it in conjunction with other data security measures.

We have seen benefits from using Guardium, including its ease of implementation and local support in our region. Many of our clients who previously used Imperva found it difficult to implement, and they have switched to Guardium.

The most valuable features of Guardium are its ability to discover data more efficiently compared to competitors and its comprehensive platform with many features. We appreciate its ease of implementation and the local support available for the product.

Guardium could be improved in the area of data encryption. We have encountered difficulties with encryption using IBM's platform, especially in comparison to alternative solutions.

I have had experience with Guardium for maybe two years.

We have found Guardium to be very stable.

The scalability of Guardium is very good, and the newer versions have shown significant improvements.

We have worked with IBM support for other products like IBM AI, and it has been very satisfactory with high-quality support.

Positive

We previously used Imperva. Our clients and we found it difficult to implement and continue using the solution.

The initial setup of Guardium was easy, and we found the implementation process straightforward.

I did not help deploy Guardium directly, but it was part of a project aiming to enhance data protection.

The return on investment is beneficial as we have one platform with many features, providing solutions to multiple problems for us.

The pricing of Guardium is similar to Imperva and includes licensing costs. Overall, it is considered reasonably priced for its capabilities.

We evaluated Imperva. The main differences we found were in the implementation experience and the support from the vendor. We found Guardium easier to implement and better supported.

We highly recommend Guardium for its application and data protection capabilities, especially with its strong local support.

I'd rate the solution nine out of ten.

We use it for activity monitoring and vulnerability assessments.

The features I like are the robust policies, which allow us to create customized monitoring based on specific activities. 

Also, the dynamic encryption and masking functionality is interesting. And the vulnerability assessment feature is comprehensive; we can scan for specific vulnerabilities.

The main issue I have with IBM Security Guardium Data Protection is the support. It's not good.  They're slow, and they don't seem to resolve issues effectively. We have an ongoing problem that they haven't been able to fix.

We had an issue with the setup that we've been trying to resolve. The reports are not coming out the way I want them to.

I'm not enjoying the support. They don't always resolve issues, and sometimes logged cases seem to disappear. The support is not good for me. They should resolve issues as they're escalated.

It's stable. However, it does require a lot of resources. 

I would rate the stability a six out of ten. 

The solution itself is straightforward. The implementation was fine.

We set up the central manager, the archive, agents on the database servers, and S-TAPs on the collectors. Then, we configured policies and reports.

I would recommend using it. It is good for database protection. 

The product itself is good, but the support is lacking. I'd rate it a seven out of ten.

We use IBM Security Guardium Data Protection for real-time monitoring, data protection, recovery of sensitive objects, and vulnerable data scanning for databases.

It is a flexible tool for enterprises. It protects sensitive data and blocks unauthorized access to the data.

They could enable the out-of-the-box feature to track application user activity. It will help us observe the activities closely. Another area for potential improvement is implementing a feature for rate limiting the observed set returned to the client against security in a particular session.

We have been using IBM Security Guardium Data Protection for two years.

It is a stable solution. However, they could enable an in-built feature to track user activity for the applications connected to databases. When users enter credentials to authenticate themselves, Guardium should also log the activity and enter its database.

I rate the platform's scalability an eight out of ten.

The technical support services are good.

Neutral

The initial setup process is user-friendly. The deployment time depends on different components, including the collector, SAP agent, immediate and integrator, central manager, deployment size, scalability needs, and specific business use cases. It's relatively easy to implement, but the organization's specific requirements determine the simplicity or complexity. The number of databases to be observed, data classification criteria, and the desired role implementations are crucial considerations. It requires one or two engineers and analysts to execute the process. They are responsible for installing and configuring the components, including agents and collectors. After that, we can collect the logs from the database based on rules and policies to analyze them. It is easy to maintain as well.

The product's pricing is reasonable and affordable. It is in the moderate range.

I recommend IBM Security Guardium Data Protection to others and rate it an eight out of ten. It is a very good enterprise-grade solution.

We use this product to protect our information. It provides the added feature of including some protective marking rules on the data. Security is the overall high-level objective for us using this solution. We are customers of IBM and I'm a tech lead.

If anyone is trying to access unauthorized data, it sends out an immediate alert to those concerned. 

Unfortunately, we're unable to use this solution for a NoSQL database, which is limiting. The UI needs to be improved so that instead of everything coding in the backend, it's coded on the front end. Guardium has limitations so most companies using advanced technologies have stopped using this tool because it doesn't have the capability to identify the PII data in flat files. Most companies are moving towards big data.

I've been using this solution for three years. 

The product is somewhat outdated, but it's stable.

If you implement it on the cloud, it's scalable. But once you scale the solution, dumping the business rules, establishing the configured profile, and maintaining those profiles is a very tedious process. Rather than a centralized solution, it would be better to have a distributed environment. In that case, different servers and different nodes, with each node having control over some of the applications, would be better. 

The support level is based on your license. There is a seating license based on the number of users and a concurrent license that is unlimited. If you're at L1, the support is very responsive. For L2 and L3 things move more slowly.

The initial setup needs a lot of coordination and effort. It also requires an information security officer to identify the risk levels of the applications. Monitoring requires a dedicated infrastructure team. We carried out the deployment in-house. Implementation time depends on the degree to which you want to scale and what you're using it for. 

Deployment requires admin support, enterprise-level LDAP authentication services, and application leads. Depending on your infrastructure, you may also require an information security officer and security team as well as security engineers.

There are various licensing models. 

This tool works very well with IBM products but not so well with other tools. 

I rate the solution six out of 10. 

Guardium is a robust solution that provides reliable results. Customers are satisfied with its ease of use and switch from competing products to Guardium. One customer implemented Guardium within two months and found it fully secured their databases. Before Guardium, they faced implementation issues and unreliable monitoring reports. Now, they are expanding Guardium to protect more databases.

The only issue is opening the remote connection to the client. IBM needs to focus more on improving remote connectivity. Microsoft and Cisco provide remote connectivity and have gained customer appreciation.

The solution needs some functionality or features to be added. It might not cover Big Data.

I have been using IBM Security Guardium Data Protection since 2016.

The product is stable.

The tool is scalable.

Support is very good.

Positive

The initial setup is straightforward.

We contracted with the company. It was one of the smoothest implementations we ever had. We started and did the kickoff. After two months, they sent us the closure, acceptance server, and invoices.

The solution has a reasonable and competitive price. FortiDB is cheaper, but it doesn't provide full functionality. You can get cheaper products if you want a product to cover the audit point and don't care about the functionality. If you need a functional solution to help you, you should consider Guardium.

I recommend this solution to medium and big companies. Small customers do not need to maintain it a lot. The price and value they will get from it are worth it, especially if they need to monitor many databases and manage their environment. Guardium can help them see who accesses the databases to prevent data breaches and monitor the audit trail. Smaller companies with one or two databases can manage them by themselves, but Guardium becomes more valuable as the size of their databases and the number of users grow.

Overall, I rate the solution a ten out of ten.