What is our primary use case?
For the mainframe, monitoring DB2 privileged access to our databases.
It has performed really well so far for the purpose, but we're not using the full capacity of it. There's also an open systems side that they're implementing now, that I'm not part of, but there's a lot more growth in that area.
How has it helped my organization?
It's more secure. The big issue is satisfying audit requirements, that is really big in our company right now.
We also use Guardium to support security initiatives and compliance policies within our organization. For what we do, we need to know who exactly is using our privileged IDs, because that's a security risk, if someone who is not authorized does that.
I don't know if Guardium has helped us comply with industry regulations like SOX, PCI, or GDPR. We also have not integrated it into other systems.
In the past we were doing a lot of manual checking, running our own reports, going through SMF data, but now Guardium does that reporting for us. That saves us time and money. Senior management is aware of the savings. They're the ones that really pushed for it.
What is most valuable?
Satisfies audit requests, to give us an idea if anybody is accessing our privileged user IDs without our knowledge.
We don't use any of the advanced features.
Regarding other features we would like to implement, I don't deal with the actual setup of the product. We have a specialist for Guardium to do that for us. We tell him our requirements and he builds the policies. So far it's very limited on our side, but I imagine on the open systems, side there would be a lot more complex policies.
What needs improvement?
Right now we're having some issues where it's using a high CPU, we don't know why. So, better testing before the product is ready would help.
For how long have I used the solution?
One to three years.
What do I think about the stability of the solution?
So far, so good. We've been using it for about two or three years right now, and we have had no issues. Once it was set up properly, it has run as it should.
What do I think about the scalability of the solution?
It appears to be very scalable, especially on the mainframe. On the open systems side there are a lot more servers out there, mainframe is more centralized. On the mainframe it's very scalable. We're only using one percent of it right now, what we're monitoring. But we feel that with the power of the mainframe, that can go up as much as we need.
How are customer service and support?
We use tech support. If we have a problem, we open up a PMR with IBM on the mainframe side, and we also have someone that does the implementation of it on the server side. He works closely with IBM. Our experience with tech support is really good. They're responsive, and we get to the right person.
Which solution did I use previously and why did I switch?
Our previous solution was manual.
Our most important criteria when selecting a vendor are reliability, the reputation, and the product itself has to deliver in an efficient manner. Our company is heavily involved with IBM products, so adding another product or taking a product away is not very hard.
How was the initial setup?
We were somewhat new to it. When it first came out we had it brought in for testing. In the initial stage, the documentation was not very good on the mainframe side. But once we installed it... it was very easy to install in the mainframe side. On the open systems side, and the person supporting it, he has to be more skilled and more knowledgeable of the product, so I can't speak for him.
Which other solutions did I evaluate?
We did not actually PoC anybody else.
What other advice do I have?
I give it a nine out of 10. It's not perfect: Issues like using a high CPU and, in the beginning, it was a little unclear on how to install it. This is only on the mainframe side.
In terms of advice, do a good PoC on it, because I believe it's a very expensive solution. And it has to satisfy the auditors, for sure. If it doesn't satisfy the auditors it won't go anywhere.
Disclosure: I am a real user, and this review is based on my own experience and opinions.