IBM Security Guardium Data Protection Reviews

We are using the data protection module to look after the PML queries of our Oracle admin accounts. I'm the chief information security officer at a financial institution. 

The vulnerability assessment is a valuable feature for us. 

I've found that the backup and recovery is very resource-hungry and requires a huge amount of available storage capacity along with other components, such as processing the RAM. We have a need for 200 GB of data to restore. Reporting needs to be improved as does integration capability with the other DBs. From a technical perspective, reporting is good but not from the management perspective. Due to the legacy application, there is sometimes another version of the DB that is not supported and requires a restart which is a very technical aspect of running applications.

I've been using this solution for 18 months. 

The solution is stable. 

The solution is scalable

The support is not as good as it should be, and when it comes to backup or restoration activity, they can take months to respond. 

The deployment is not complex and we currently have four users of this product.

Licensing costs are higher than other solutions on the market. It's part of our concern and one of the reasons we are discontinuing the use of this solution. 

I don't feel that our local partners are fully equipped with the technical knowledge of the product. Whenever we need support that requires technical expertise, we go to the IBM support portal. As a result, we experience time delays in terms of support and it would be helpful if the local partner improved their knowledge. The other option would be for IBM to provide some management training for the on-prem engineers. 

I rate the solution five out of 10. 

IBM Guardium Data Protection is used not just for protecting data, but also for vulnerability protection. We use it to monitor our active users, activity, and databases, to look at the kind of commands users do on the databases.

We also use the solution to restrict unauthorized users from accessing the databases. Apart from restricting unauthorized users from accessing these databases, we also need to have the stability to add the database, then switch to another database.

We can also turn on the blocking feature of IBM Guardium Data Protection to ensure that some IPs are unable to connect to some databases.

I like IBM Guardium Data Protection because of its good performance. The resources aren't used up to the detriment of the application. It's robust, and we don't really have any serious downtime on it. The support for the application is also okay.

An area for improvement in IBM Guardium Data Protection is automation. I would want it to be more automated, as it runs too much on manual processes. More processes should be automated on the application.

For example: I want a learning environment where IBM Guardium Data Protection can learn the behavior of an environment, e.g. it should be more intelligent, because there is no intelligence yet on the application. It should be able to learn, e.g. you cannot try to block IBM Guardium Data Protection, in general. This is what I want to see: I want to be able to block it, in general.

I want the application to be able to learn, and learn from the environment. IBM should try to bring in more of e-learning to the application. That's another thing that's missing.

What I'd like to see in the next release of IBM Guardium Data Protection is for them to make resources available for the end users to be able to do a self-study, to understand more deeply how the environment works. Having user guides so people can learn more on what the application can do, about its operations, etc. I would like them to occasionally give users tips, e.g. how to do something, how to make your work easy, etc. This is how they can add value, in particular give more value for money, as they give valuable tips, just like how Microsoft does it, for example: "You can use IBM Guardium Data Protection to do this", then they should explain how to do it.

We've been using IBM Guardium Data Protection for two years.

IBM Guardium Data Protection is a stable application.

IBM Guardium Data Protection is a scalable application.

IBM Guardium Data Protection support is okay. Their response time is fine. They have very competent technicians, and their response is high-level.

The setup for IBM Guardium Data Protection was not that complicated. It was easy.

We evaluated Imperva.

We use IBM Guardium Data Protection for our databases. I can't remember the version we're currently using.

I don't think IBM Guardium Data Protection charges you based on the number of users, e.g. they charge based on the number of licenses, and it's either on a per-license or a per-data basis, so I cannot give the number of users currently using the application.

Increasing the usage of IBM Guardium Data Protection depends on the budget. Nobody wants to increase costs, but costs are increasing, so I don't think we plan on increasing usage for the application.

For the deployment of the application, we have the OEM and our technical team in charge.

I'm giving IBM Guardium Data Protection a rating of nine out of ten.

Our primary use case for IBM Guardium Data Protection is audit logging. We monitor transactions and access particular tables in the database with it. 

I would like to see improvements in scalability and easier installation.

I have been using IBM Guardium Data Protection for three years. 

Personally, I have not been very involved with IBM Guardium Data Protection for the last couple of years. However, I think we've had some problems scaling it, but I'm not the right person, really, to answer questions about scalability. My understanding is that there has been some frustration with scaling it, but those may be local issues.

I think IMB's technical support is good. 

The installations are complex. They take several days.

We had help from IBM with deployment.

We pay yearly.

We initially looked at Oracle's own products, but we had legacy databases so we didn't really have many options. We had old flavors of Oracle in place.

Personally, I would not recommend this product. 

We use IBM Security Guardium Data Protection for real-time monitoring, data protection, recovery of sensitive objects, and vulnerable data scanning for databases.

It is a flexible tool for enterprises. It protects sensitive data and blocks unauthorized access to the data.

They could enable the out-of-the-box feature to track application user activity. It will help us observe the activities closely. Another area for potential improvement is implementing a feature for rate limiting the observed set returned to the client against security in a particular session.

We have been using IBM Security Guardium Data Protection for two years.

It is a stable solution. However, they could enable an in-built feature to track user activity for the applications connected to databases. When users enter credentials to authenticate themselves, Guardium should also log the activity and enter its database.

I rate the platform's scalability an eight out of ten.

The technical support services are good.

Neutral

The initial setup process is user-friendly. The deployment time depends on different components, including the collector, SAP agent, immediate and integrator, central manager, deployment size, scalability needs, and specific business use cases. It's relatively easy to implement, but the organization's specific requirements determine the simplicity or complexity. The number of databases to be observed, data classification criteria, and the desired role implementations are crucial considerations. It requires one or two engineers and analysts to execute the process. They are responsible for installing and configuring the components, including agents and collectors. After that, we can collect the logs from the database based on rules and policies to analyze them. It is easy to maintain as well.

The product's pricing is reasonable and affordable. It is in the moderate range.

I recommend IBM Security Guardium Data Protection to others and rate it an eight out of ten. It is a very good enterprise-grade solution.

Guardium is a robust solution that provides reliable results. Customers are satisfied with its ease of use and switch from competing products to Guardium. One customer implemented Guardium within two months and found it fully secured their databases. Before Guardium, they faced implementation issues and unreliable monitoring reports. Now, they are expanding Guardium to protect more databases.

The only issue is opening the remote connection to the client. IBM needs to focus more on improving remote connectivity. Microsoft and Cisco provide remote connectivity and have gained customer appreciation.

The solution needs some functionality or features to be added. It might not cover Big Data.

I have been using IBM Security Guardium Data Protection since 2016.

The product is stable.

The tool is scalable.

Support is very good.

Positive

The initial setup is straightforward.

We contracted with the company. It was one of the smoothest implementations we ever had. We started and did the kickoff. After two months, they sent us the closure, acceptance server, and invoices.

The solution has a reasonable and competitive price. FortiDB is cheaper, but it doesn't provide full functionality. You can get cheaper products if you want a product to cover the audit point and don't care about the functionality. If you need a functional solution to help you, you should consider Guardium.

I recommend this solution to medium and big companies. Small customers do not need to maintain it a lot. The price and value they will get from it are worth it, especially if they need to monitor many databases and manage their environment. Guardium can help them see who accesses the databases to prevent data breaches and monitor the audit trail. Smaller companies with one or two databases can manage them by themselves, but Guardium becomes more valuable as the size of their databases and the number of users grow.

Overall, I rate the solution a ten out of ten.

Our customers include financial institutions like banks, insurance companies, and government entities that use IBM Security Guardium Data Protection for the protection and hardening of their databases.

The most valuable feature of the solution for the customers is the monitoring and full log of the database activity of privileged users. It includes everything happening on the network and locally on the database server.

The solution's pricing should be reduced because it is very high. The solution could be improved for NoSQL databases. From the functionality point of view, the solution has almost everything you need for your database. Overall, the product's functionalities align with the customer's needs.

I have been using IBM Security Guardium Data Protection for more than ten years.

I rate IBM Security Guardium Data Protection a nine out of ten for stability.

Our clients are mostly enterprise businesses.

I rate IBM Security Guardium Data Protection ten out of ten for scalability.

Technical support is always challenging with IBM, but overall it's okay.

Positive

IBM Security Guardium Data Protection is easy to set up and maintain.

Implementing IBM Security Guardium Data Protection takes up to ten days, but the customization and the customer requirement span from one month to six months.

You need to install the product. It's a virtual appliance or a hardware appliance depending on the implementation. When it's set up, the agent must be deployed. Then you have to set the policy. The policy relies on the outcome that the customer wants in the report regarding what has been done with the database and what has been changed.

The solution's pricing was higher before it was acquired. The policy should be for smaller customers to have SMB pricing and for bigger customers to have bigger pricing.

On a scale from one to ten, where one is low price, and ten is very high price, I rate the solution's pricing a nine out of ten.

It is the only solution that can meet the needs of both internal and external audits. It's a very powerful tool that can solve a lot of audit needs.

Overall, I rate IBM Security Guardium Data Protection ten out of ten.

We are resellers of IBM. Most of the use cases of IBM Guardium are to monitor the database activity. The first is to identify any abnormal activities like trying to access the database or trying to create or delete any scheme on the tables. 

The purpose of EBM Guardium is to monitor database activity and who is accessing it. This is the most valuable feature.

We have privileged users, like the DBAs, who are most often the ones accessing the database. We also have web services and application services that talk to the database. With IBM Guardium Data Protection we can see who the previous users were and what web or server actually connected to the data business. 

Secondly, any changes done by the DBAs are recorded so we know that the DB has changed in the data structure, scheme, or creation of a table or drop of a table. 

IBM Guardium Data Protection is a mature product. There is a lot of encryption that is not owned by IBM and is done by a third party and is not an integral part of the solution.

This solution is stable, I don't believe there is another product that is more stable.

The solution is part of IP so you can scale it.

IBM Guardium Data Protection has one of the best supports out there.

The initial setup of IBM Guardium is straightforward. The deployment depends on the organization and types of servers. The only delay is when there are critical data servers that require a planned approach. 

You can deploy the solution by pushing it through a central aggregator or a collector.

We engage a consult to deploy the solution because it is not only installing the solution but also doing a report. 

The installation requires the involvement of a DBA, but it depends on the number of databases.

The licensing is much easier now. It's for IP, it is not part It's not part number of databases of schema, it's for the IP so it's much simpler now.

If you are considering IBM Guardian Data Protection you should be aware of your environment. For example, if you are in the banking sector you need to plan very well so it can be scaled accordingly.

It is important to hire a consultant when installing this solution. They can provide an analysis of what exactly needs to be done. Keep in mind that this is a data access management database, it's not only about data but also about files. 

I rate this solution a 9 out of 10.

The primary use case for most of our customers is for monitoring and compliance. It's mostly deployed on-premises and it's a database activity monitoring solution. 

The most valuable features have been how easy it is to deploy and use, as well as the comprehensive monitoring options. These are a few things that customers like most about this product. 

The analysis part of this product could be improved. It's a very comprehensive product, so the features it has complement customer requirements. But I would like to see more emphasis on analytics, and it would be great if they added machine learning. They already have analysis insights, but a comprehensive analytical feature that's already incorporated into the solution would be very helpful. 

I have been working with IBM Guardium for the past 10 years. 

This solution is stable and reliable. 

This solution is scalable. That's one of the missions of this product—it can scale. 

I think technical support is generally helpful, but it depends on the situation and the complexity of the problem. Most of the time, we resolve customers' issues ourselves, but technical support is helpful whenever I do require their help. 

Most of the time, the deployment process is straightforward. There is a specific process which isn't too complicated or difficult. The amount of maintenance that will be required depends on the deployment. When we set up the solution, we usually try to optimize it so that it requires little maintenance. 

My company provides implementation services to customers. 

Guardium is most suitable for large scale enterprises because the pricing model is better if you are implementing a large number of databases. It may be suited to medium enterprises, but to a lesser extent. It depends on customer requirements, but it's best suited to large companies because of affordability. 

I have experience with Oracle Audit Vault and Imperva SecureSphere Database Security, which are the two main competitors. If you compare Guardium with Audit Vault, the main differences are in the deployment model, how they work, and the focus of each product with regard to monitoring. Audit Vault has a different deployment method. Imperva is more similar to Guardium. 

If you are looking to implement Guardium, you first need to understand your requirements. The objective of these database and security monitoring solutions is for compliance and auditing. You want a solution that will monitor everything, but the main objective is to monitor the right areas or the key parts of the area that should be monitored. This is the one thing customers should consider before choosing any database or similar solution. 

We have good relationships with our customers, so whenever they're looking for a solution, we try to partner with them and align them with a product that will meet their needs. Usually when we go with this product, we go with SQL first, then go for integration deployment. Our recommendations are based on customer requirements. Even if it's a good product, it may not be a good fit for the customer. 

I would rate this product an eight out of ten, just because there's always room for improvement.