IBM Security Guardium Data Protection Reviews

IBM Guardium Data Protection is used not just for protecting data, but also for vulnerability protection. We use it to monitor our active users, activity, and databases, to look at the kind of commands users do on the databases.

We also use the solution to restrict unauthorized users from accessing the databases. Apart from restricting unauthorized users from accessing these databases, we also need to have the stability to add the database, then switch to another database.

We can also turn on the blocking feature of IBM Guardium Data Protection to ensure that some IPs are unable to connect to some databases.

I like IBM Guardium Data Protection because of its good performance. The resources aren't used up to the detriment of the application. It's robust, and we don't really have any serious downtime on it. The support for the application is also okay.

An area for improvement in IBM Guardium Data Protection is automation. I would want it to be more automated, as it runs too much on manual processes. More processes should be automated on the application.

For example: I want a learning environment where IBM Guardium Data Protection can learn the behavior of an environment, e.g. it should be more intelligent, because there is no intelligence yet on the application. It should be able to learn, e.g. you cannot try to block IBM Guardium Data Protection, in general. This is what I want to see: I want to be able to block it, in general.

I want the application to be able to learn, and learn from the environment. IBM should try to bring in more of e-learning to the application. That's another thing that's missing.

What I'd like to see in the next release of IBM Guardium Data Protection is for them to make resources available for the end users to be able to do a self-study, to understand more deeply how the environment works. Having user guides so people can learn more on what the application can do, about its operations, etc. I would like them to occasionally give users tips, e.g. how to do something, how to make your work easy, etc. This is how they can add value, in particular give more value for money, as they give valuable tips, just like how Microsoft does it, for example: "You can use IBM Guardium Data Protection to do this", then they should explain how to do it.

We've been using IBM Guardium Data Protection for two years.

IBM Guardium Data Protection is a stable application.

IBM Guardium Data Protection is a scalable application.

IBM Guardium Data Protection support is okay. Their response time is fine. They have very competent technicians, and their response is high-level.

The setup for IBM Guardium Data Protection was not that complicated. It was easy.

We evaluated Imperva.

We use IBM Guardium Data Protection for our databases. I can't remember the version we're currently using.

I don't think IBM Guardium Data Protection charges you based on the number of users, e.g. they charge based on the number of licenses, and it's either on a per-license or a per-data basis, so I cannot give the number of users currently using the application.

Increasing the usage of IBM Guardium Data Protection depends on the budget. Nobody wants to increase costs, but costs are increasing, so I don't think we plan on increasing usage for the application.

For the deployment of the application, we have the OEM and our technical team in charge.

I'm giving IBM Guardium Data Protection a rating of nine out of ten.

Our customers include financial institutions like banks, insurance companies, and government entities that use IBM Security Guardium Data Protection for the protection and hardening of their databases.

The most valuable feature of the solution for the customers is the monitoring and full log of the database activity of privileged users. It includes everything happening on the network and locally on the database server.

The solution's pricing should be reduced because it is very high. The solution could be improved for NoSQL databases. From the functionality point of view, the solution has almost everything you need for your database. Overall, the product's functionalities align with the customer's needs.

I have been using IBM Security Guardium Data Protection for more than ten years.

I rate IBM Security Guardium Data Protection a nine out of ten for stability.

Our clients are mostly enterprise businesses.

I rate IBM Security Guardium Data Protection ten out of ten for scalability.

Technical support is always challenging with IBM, but overall it's okay.

Positive

IBM Security Guardium Data Protection is easy to set up and maintain.

Implementing IBM Security Guardium Data Protection takes up to ten days, but the customization and the customer requirement span from one month to six months.

You need to install the product. It's a virtual appliance or a hardware appliance depending on the implementation. When it's set up, the agent must be deployed. Then you have to set the policy. The policy relies on the outcome that the customer wants in the report regarding what has been done with the database and what has been changed.

The solution's pricing was higher before it was acquired. The policy should be for smaller customers to have SMB pricing and for bigger customers to have bigger pricing.

On a scale from one to ten, where one is low price, and ten is very high price, I rate the solution's pricing a nine out of ten.

It is the only solution that can meet the needs of both internal and external audits. It's a very powerful tool that can solve a lot of audit needs.

Overall, I rate IBM Security Guardium Data Protection ten out of ten.

Primarily re-monitoring sensitive data and privilege user access. 

One of the greatest benefits for using Guardium is our ability to monitor sensitive data. With current policy and GDPR for international, then audited compliance for monitoring access to sensitive data, it is very critical for our industry in healthcare. 

We use IBM Guardium to support security initiatives and combine policies within the organization. We have many initiatives that come up and we have what are called action plans. Guardium comes up in quite a few of them when it gets related to database monitoring and controlling sensitive data. 

IBM Guardium helps us comply with industry regulations, such as GDPR, local US standards, and then the current New York cyber laws, which are very specific about controlling access to data.  

Guardium is integrated for data. It is integrated across our big data, then for cyber security. It is integrated in our security stack. 

• Our ability to see when users are accessing sensitive data. 
• The front-end works very well. 
• Gathering the data works very well. 

We are using quite a few of the advanced features. Some of those include some scripting for integration with our other security tools in the environment along with data collection, and the ability to use large data formats for monitoring and information. 

One of the limitations that everyone who uses Guardium knows is its ability for back-end reporting. Guardium in and of itself is a big data platform. It creates big data all by itself. The ability to collect it sometimes is easier than the ability to retrieve it, use it, or give a good representation of it for incidence response or questions which come from the different people who want to use the data. 

Then, it goes back to the use of the data. Using the data in native Guardium is difficult, at best. I know there are current advancements. I know they are integrated with jSonar, which used to be a partnership. However, it is now integrated into the company, which is nice, but we are far beyond that. We have already purchased and implemented other solutions, so now we have to go back and retroactively add that, which would be a good addition, but we are just not there today. 

Guardium is very stable. The only outages that we have had have been self-induced, which is hard to admit. As a platform, it provides great stability.

Guardium should meet our needs going forward. 

We have only been using Guardium for a short period of time, so we had some growth problems. It is just like growing into your body. Your knees start to hurt after a little while, but once you get through that growth spurt, you get your win and you keep going and you are able to grow and expand. I think the way we have it implemented, we will be able to grow and scale as the organization grows. 

We use technical support very frequently. We actually have a weekly call with our sponsor where we go through all of our different support questions. We are on a week-to-week basis where we follow-up with all our questions. We are on the leading edge for Guardium implementations. The version that we are on, it makes us a Fortune Six organization with the current version for all of our data. It requires a lot of support as we grow and mature with the product and with our organization's growth. 

Our initial setup was pretty straightforward because we were just figuring out how it worked. Over the last two years, we have introduced our own complexities to accommodate our requirements. Would I say that it is complex to us today? No. To the average Guardium user? Yes, it would be complex.

We did evaluate other vendors. Guardium was a large purchase. We did our due diligence as we were responsible for the purchase process. Guardium won mostly because of our scope and scale. It was able to perform at the scale that we wanted to use it. 

To keep track of client information, index security risks, and other information needed at a moments notice. IBM Guardium performs transparent encryption and decryption provides on the fly encryption without needing to be indoctrinated into lengthy training to use it. 

Efficiency is key and IBM Guardium provides information in a heartbeat, but protects the data with military grade encryption. IBM Guardium is used for file and database security for protecting structured and unstructured data. Security policy enforcement of policy-based encryption and centralized encryption key management allows us to maintain data in a secure environment.

IBM Guardium provides a unified key management system to help simplify encryption key management. In a large organization, this is a critical feature and IBM went above and beyond while developing the software. 

Personally, I would like to see IBM Guardium have other encryption algorithms employed, such as DES/3DES or TripleDES, Twofish, Blowfish, or IDEA. I especially would like to see Twofish used, since it is a block cipher designed by Counterpane Labs. It was one of the five Advanced Encryption Standard (AES) finalists and is unpatented and open source.

No, IBM Guardium is well designed and compatible with Windows-based computers.  

I have not had nor do I know of any such issues. I believe the design of IBM Guardium is perfect for small to large scale settings, and does not reduce accessibility to content with on the fly encryption.

No, IBM Guardium was already in use. 

Unknown, since I was not involved with the purchase. 

I would suggest to review the type of data, need for security, and if the organizational structure needs the options IBM Guardium provides. 

No, there was no need to. 

Put simply, human error is often the downfall of computer security. When using IBM Guardium, or any encryption software for that matter, use common sense: Encrypt data when not in use, watch where you enter in passwords (not at Starbucks in view of security cameras that can be retrieved by an adversary, or the person next to you), and watch out not to inadvertently install spyware while clicking on a random link. 

Our primary use case of this product is for privileged database activity monitoring. We are customers of IBM and I'm the DBA.

We use the GBDI feature which is very helpful for our needs. The centralization of data is probably the most valuable feature because we span multiple database technologies. 

In general, I find the solution a little complicated to use. Another problem is that we have  encrypted traffic on Oracle and it requires a database outage. That's creates problems because you're monitoring critical systems and they don't like outages.

The solution has been pretty stable for us. 

Our environment is pretty small for scalability purposes, so scalability is not relevant. In terms of the collectors agency, you can always add them. From that perspective, it's scalable, but it introduces more complexity because the more collectors you have, the more management is required. We don't allow people to connect and use self-service. We produce reports for the application teams from the tool ourselves, which is why we only have around 15 users involved in deployment, maintenance and reporting.

The professional services we initially received were really good. Technical support has been okay; it's not outstanding, but it hasn't been too bad either.

The initial setup is quite complex so we used IBM professional services for implementation. We're still in the process of deploying, it's taking a while. That doesn't reflect on the solution; we're very lean with staff and I think that's probably the issue.

If I were choosing a solution now, I would probably look at Imperva and Insights, and go the agentless route, rather than deal with collectors. They still have them with the new system, but they're a little lighter weight. From a manageability perspective, from a scalability perspective, in terms of supporting model databases, they seem to be more viable solutions moving forward.

I rate this solution an eight out of 10. 

database security

We use it for security purposes, particularly because we have customers in financial sectors, banks, and other high profile industries.

The risk spotter which helps to get insight into user activities

The monitoring of Heterogeneous DBs

Entitlement Reports which helps to gain insight on user creation and privilege escalation.

Being an IBM product it offers data security capabilities with robust features. Over the years, it has satisfactorily met the requirements of our customers which makes it a very reliable and versatile solution.

Since we are resellers we do not have enough information about the technical aspects and the areas of improvement. However, one consistent report that we receive from our customers is that IBM does not offer timely support due to the size of the organisation. It would be great if they could improve their response time.

ActivEdge has been reselling IBM Security Guardium Data Protection for the past five years.

In terms of stability, it is also stable and there is no bugs and glitches that we have faced complaints about

On a scale of 10 I will rate it 8 as there are some issues that usually arise during deployment but are usually fixed by patch updates.

The product is very scalable and we deal with majorly enterprise client. Therefore we have to make sure that the product is scalable.

The process of installation and management of the solution is very easy. You can ask for IBM's expertise, since they have been using this for years. The implementation does not really need more than three months under normal conditions.

IBM solutions have fair price strategy, and operates on a yearly basis. If it's a SaaS solution, then you can opt for yearly basis.

While working with the solution, you have to be clear about your requirements. The solution offers different pricing based on different functionalities. If you are able to identify your requirements properly, you are going to do well with the price and get the best out of the product. So understanding the requirements is very important. I would rate this product 8 out of 10.

We use this product to protect our information. It provides the added feature of including some protective marking rules on the data. Security is the overall high-level objective for us using this solution. We are customers of IBM and I'm a tech lead.

If anyone is trying to access unauthorized data, it sends out an immediate alert to those concerned. 

Unfortunately, we're unable to use this solution for a NoSQL database, which is limiting. The UI needs to be improved so that instead of everything coding in the backend, it's coded on the front end. Guardium has limitations so most companies using advanced technologies have stopped using this tool because it doesn't have the capability to identify the PII data in flat files. Most companies are moving towards big data.

I've been using this solution for three years. 

The product is somewhat outdated, but it's stable.

If you implement it on the cloud, it's scalable. But once you scale the solution, dumping the business rules, establishing the configured profile, and maintaining those profiles is a very tedious process. Rather than a centralized solution, it would be better to have a distributed environment. In that case, different servers and different nodes, with each node having control over some of the applications, would be better. 

The support level is based on your license. There is a seating license based on the number of users and a concurrent license that is unlimited. If you're at L1, the support is very responsive. For L2 and L3 things move more slowly.

The initial setup needs a lot of coordination and effort. It also requires an information security officer to identify the risk levels of the applications. Monitoring requires a dedicated infrastructure team. We carried out the deployment in-house. Implementation time depends on the degree to which you want to scale and what you're using it for. 

Deployment requires admin support, enterprise-level LDAP authentication services, and application leads. Depending on your infrastructure, you may also require an information security officer and security team as well as security engineers.

There are various licensing models. 

This tool works very well with IBM products but not so well with other tools. 

I rate the solution six out of 10. 

Guardium is a robust solution that provides reliable results. Customers are satisfied with its ease of use and switch from competing products to Guardium. One customer implemented Guardium within two months and found it fully secured their databases. Before Guardium, they faced implementation issues and unreliable monitoring reports. Now, they are expanding Guardium to protect more databases.

The only issue is opening the remote connection to the client. IBM needs to focus more on improving remote connectivity. Microsoft and Cisco provide remote connectivity and have gained customer appreciation.

The solution needs some functionality or features to be added. It might not cover Big Data.

I have been using IBM Security Guardium Data Protection since 2016.

The product is stable.

The tool is scalable.

Support is very good.

Positive

The initial setup is straightforward.

We contracted with the company. It was one of the smoothest implementations we ever had. We started and did the kickoff. After two months, they sent us the closure, acceptance server, and invoices.

The solution has a reasonable and competitive price. FortiDB is cheaper, but it doesn't provide full functionality. You can get cheaper products if you want a product to cover the audit point and don't care about the functionality. If you need a functional solution to help you, you should consider Guardium.

I recommend this solution to medium and big companies. Small customers do not need to maintain it a lot. The price and value they will get from it are worth it, especially if they need to monitor many databases and manage their environment. Guardium can help them see who accesses the databases to prevent data breaches and monitor the audit trail. Smaller companies with one or two databases can manage them by themselves, but Guardium becomes more valuable as the size of their databases and the number of users grow.

Overall, I rate the solution a ten out of ten.