IBM Security Guardium Data Protection Reviews

Database activity monitoring.

Its performance is good, most of the time.

The benefit is that it's made database monitoring more visible to the business, creating more conversations about how we should do it better. So it's increased the visibility and discussion.

It also helps us with GDPR and SOX compliance and just looking at specific policies around; protecting sensitive data. 

We haven't integrated it with other systems we use.

In terms of saving us time and money, I'm not sure if Guardium does. I know we spend more time and money to cover monitoring, this is something we didn't do before, so I think it's more about the capabilities it's given us.

The architecture and the robustness of the data it produces.

Regarding advanced features, I'm using enforcement in the policies. In the future I would like to do more classification. 

More cloud support. 

For the most part, it's pretty stable. We've had some issues recently that we're working through, on the agent software that runs on the databases.

The scalability is good.

I would say tech support is about a seven out of 10.

It can be complex. The documentation is in so many different locations, and a lot of times we have to leverage support and higher level resources to figure out the right steps to take.

Our most important criteria when selecting a vendor are stability and architecture.

I rate this solution a nine out of 10 because there are a few things I'm working through that I would like to see improved, mostly around the stability on the agent software side, working with the database vendors.

Regarding advice, I would recommend you use it and that you try to leverage IBM's support and services as much as possible to help get through the initial installation and configuration.

We have implemented it on an industrial network to monitor the production of medicines. This is something that is very controlled by Brazilian regulations and we have to keep an audit trail for this data. Trying to enable it on SQL Server - that was our client's main server - the load would go so high that they couldn't use the application anymore. They are using Guardium now so they can produce that audit trail for audit compliance.

We have integrated IBM Guardium with IBM Watson Curator. They access Curator to identify and correlate other actions the user is doing to determine if this is a legitimate action or not.

In terms of advanced features, our clients are starting to implement it on an order basis so they can get to GDPR and the like; those Accelerators. They also use it a lot for PCI, to get access to credit cards.

Guardium has saved us time and money, mainly on the discovery process and senior management is aware of this, of course.

The Audit Trail.

They could improve the Data Masking a little.

Stability is quite good. We had some problems, but support is very effective so we were able to solve them very quickly.

We had instability with reports, they were giving some errors. I don't know exactly what had happened because I wasn't the one involved, but we couldn't access reports.

Tech support is very good.

We knew we needed to switch because of that problem with the audit trail, that SQL couldn't keep up with what we needed to do for auditing. That's why we had to search for a new solution.

It's very easy.

I would rate it an eight out of 10 because it is very stable; we had some problems but they were solved, and we can do what we need to do.

To provide cyber security for databases.

It has performed very well.

It has made us more responsive and more productive, more efficient.

We use Guardium to support security initiatives and compliance policies. We are in the healthcare world, so it helps us with HIPAA compliance. It has also helped us with PCI. We haven't gone with GDPR.

We have not yet integrated Guardium with other systems we use.

It has saved us time and money by definitely making us more productive. Senior management is aware of this.

It provides a comprehensive security for databases, both on-prem and on the cloud.

Among the advanced features we use automatic backups, DR. We'd like to implement more predictive, using Watson.

More predictive, using Watson AI would be good.

It's very stable.

It's scalable.

We sometimes use technical support from IBM. It has been good, very good.

We were using traditional cyber security stuff. But this is a pretty good product. We became an IBM business partner, we are a cyber security business partner for IBM. We have other products besides Guardium that we are marketing.

The most important criteria when selecting a vendor are their

• stability
• quality
• support.

It was straightforward.

Buy it.

It's a security product that works across multiple platforms, in our case it's the mainframe and the midrange. We use it to detect when somebody accesses restricted data and report on it.

So far it has performed quite well, we're happy with it.

We used to use cobbled-together scripts, different products and different pieces on different platforms. This is one consolidated tool so one report comes out for each director and it's clean and easy. There is some scripting involved to tell it what is important and what is not important - which is important to us.

In terms of security initiatives and compliance policies within our organization, that's basically what we use it for: the reporting of who touches what data. And that goes up to the directors and they approve or get mad at you and ask you why you did something.

IBM Guardium probably helps us comply with industry regulations like SOX, PCI, or GDPR, but the big driver was more internal and audit-related, rather than industry-related.

We haven't integrated Guardium with other systems we have.

It has saved us time and money. As I mentioned, we had a bunch of cobbled-together scripts that were manually maintained for different platforms. This solution automated all that and made it such that the security administrators can run it themselves and not involve us. So there is less "people effort." Senior management is aware of the savings.

It makes the auditors happy.

It does not require our involvement to run it. It runs in the background and the people that do the reporting do so. The reports go to the directors who are in charge of the various data areas. It's pretty clean. Clearly there is some setup, but after you get it set up it just goes.

I have no idea what the advanced features are, so we're probably not using them.

Lower pricing would always be good but apparently we're getting our money's worth or we wouldn't be using it.

I'm pretty impressed with the stability. There was medium-sized initial effort getting it configured and set up and doing what we wanted it to do, but it just runs and we don't have to deal with it.

We run it on the mainframe and on the midrange platforms and we haven't had any performance issues of any kind. We haven't really had to scale it. We pick and choose what's important to us, so we don't monitor everything. If we were going to monitor everything it would probably be an issue, something we would have to address.

I have not used tech support personally. We did have some support help at the beginning, learning it and getting it set up.

We were previously using homegrown scripts. We decided to switch primarily because this is a multi-platform solution that consolidates everything and centralizes support for it.

When selecting a vendor, we reviewed two other products, but the main reason was that this is a multi-platform solution and it worked well in our environment.

I was not directly involved but I was involved somewhat since I had worked with some of the systems in the past, so maybe some requirements gathering.

The setup seemed pretty straightforward to me.

We're very happy with it. It depends on what your needs are, but it meets our needs.

We want to protect our data. That's the primary use case.

So far, performance has been okay.

We are able to identify who does what, when, and we are able to go back to them and say, "Is this an authorized activity? Is it not an authorized activity?" Why are they doing it? Is there an outlier? Go back and find out if that is normal, unusual? It has helped the overall perspective of making our operations more compliant with the regulatory requirements.

We use Guardium to support security initiatives and compliance policies in our organization. For example, we create reports that tell us how often is a password locked, how many exceptions we are getting, how many failed login items we are getting. We send those reports to the compliance and auditing folks. We do vulnerability assessments, detect vulnerabilities and send reports.

Currently we are not focused on GDPR because we are mainly a US-based company. I don't think I would say that Guardium has saved us time or money.

It does the monitoring of access very well, although we currently don't use any of the advanced features.

Get rid of the collectors. Stream the data directly from the agents to the Big Data link.

The solution is very stable, but it has its challenges. 

I would rate tech support about seven out of 10.

This was a management decision. I think when they found Anthem was getting breached they decided, "Hey, let's try something else."

When selecting a vendor, the most important criteria for me are the

• reliability of the vendor
• name recognition
• support model
• cost, of course.

If you know it, it's pretty straightforward. Otherwise, there is a little learning curve.

The biggest challenge is the cost associated with the product, and the cost of maintaining. Everything is not translated directly to the benefits we see. There are benefits, yes, but if I were writing the check, would I buy Guardium? No.

It's pretty good. We have the latest version, so we are able to scale.

I would rate this solution six out of 10. The benefit to the cost is not justified, in my opinion.

I would say Guardium is a good product. It's a very good product, but you want to weigh how much you want to implement. Do you want to focus on only certain applications? Certain databases? Don't do it across the enterprise. So think about that.

Primarily re-monitoring sensitive data and privilege user access. 

One of the greatest benefits for using Guardium is our ability to monitor sensitive data. With current policy and GDPR for international, then audited compliance for monitoring access to sensitive data, it is very critical for our industry in healthcare. 

We use IBM Guardium to support security initiatives and combine policies within the organization. We have many initiatives that come up and we have what are called action plans. Guardium comes up in quite a few of them when it gets related to database monitoring and controlling sensitive data. 

IBM Guardium helps us comply with industry regulations, such as GDPR, local US standards, and then the current New York cyber laws, which are very specific about controlling access to data.  

Guardium is integrated for data. It is integrated across our big data, then for cyber security. It is integrated in our security stack. 

• Our ability to see when users are accessing sensitive data. 
• The front-end works very well. 
• Gathering the data works very well. 

We are using quite a few of the advanced features. Some of those include some scripting for integration with our other security tools in the environment along with data collection, and the ability to use large data formats for monitoring and information. 

One of the limitations that everyone who uses Guardium knows is its ability for back-end reporting. Guardium in and of itself is a big data platform. It creates big data all by itself. The ability to collect it sometimes is easier than the ability to retrieve it, use it, or give a good representation of it for incidence response or questions which come from the different people who want to use the data. 

Then, it goes back to the use of the data. Using the data in native Guardium is difficult, at best. I know there are current advancements. I know they are integrated with jSonar, which used to be a partnership. However, it is now integrated into the company, which is nice, but we are far beyond that. We have already purchased and implemented other solutions, so now we have to go back and retroactively add that, which would be a good addition, but we are just not there today. 

Guardium is very stable. The only outages that we have had have been self-induced, which is hard to admit. As a platform, it provides great stability.

Guardium should meet our needs going forward. 

We have only been using Guardium for a short period of time, so we had some growth problems. It is just like growing into your body. Your knees start to hurt after a little while, but once you get through that growth spurt, you get your win and you keep going and you are able to grow and expand. I think the way we have it implemented, we will be able to grow and scale as the organization grows. 

We use technical support very frequently. We actually have a weekly call with our sponsor where we go through all of our different support questions. We are on a week-to-week basis where we follow-up with all our questions. We are on the leading edge for Guardium implementations. The version that we are on, it makes us a Fortune Six organization with the current version for all of our data. It requires a lot of support as we grow and mature with the product and with our organization's growth. 

Our initial setup was pretty straightforward because we were just figuring out how it worked. Over the last two years, we have introduced our own complexities to accommodate our requirements. Would I say that it is complex to us today? No. To the average Guardium user? Yes, it would be complex.

We did evaluate other vendors. Guardium was a large purchase. We did our due diligence as we were responsible for the purchase process. Guardium won mostly because of our scope and scale. It was able to perform at the scale that we wanted to use it. 

It tests security to support SOX compliance.

It supports our audit compliance. We use IBM Guardium to support security initiatives and compliance policies within our organization. We have a lot of self controls which require the database to be monitored, especially for the privileged user.

• Its band monitoring. We just started to use it.
• The mobility assessment

I would like them to support cloud services.

It is pretty good, though we have had some issues. Sometimes the performance is not good, and also sometimes we have sudden bugs causing difficulties. Therefore, it is hard for IBM to fix.

Scalability is good.

My experience with technical support depends. Sometimes, with Level 1, it is not good. However, when the case goes to Level 2, the support is pretty good.

The initial setup was pretty straightforward.

Senior management is aware that Guardium has saved the organization time and money

We just talked to IBM. If we have a problem, maybe they can offer us something new, new features, etc.

IBM Guardium is good.

Most important criteria when selecting a vendor: reliability.

To protect the data. We're trying to monitor privileged users, get an idea of what's normal access, and to make sure that service account usage is only coming from the appropriate places, not being used by people from their own work stations.

How I would describe how well it's performing is that we are taking a slow and steady approach to it. Right now, I would say we're going from crawl to walk as far as usage goes; not using any of the sophisticated features, more getting the base implementation in place.

I think we have a better handle on who is accessing our data.

We use Guardium to support security initiatives and compliance policies within our organization. Our internal audit is keeping an eye out, and making sure that we're in compliance. Having the Guardium solution and its reporting helps us get through that process a lot more quickly and efficiently.

We're not using any of the workflow yet, but I would say yes, it is helping with compliance reporting. We're making sure that we're monitoring the usage of privilege accounts, managing the use of the service accounts.

We have not integrated Guardium with any other systems.

It has made us more efficient in demonstrating that we are in compliance, and enables to get through audit processes more quickly, which saves time and money.

Probably the most valuable feature for me, in my role as systems DBA, is the expediting of internal and external audits.

The one thing that I would like to see improved, but I don't think it's going to be in the next release, is its reporting capabilities. I think that's been offloaded to another third-party product that I think IBM actually endorses for that. It was built by the guy who helped develop Guardium but left IBM and spun up his own company. They found a need and they filled it. I think they filled it better than at least IBM thinks they can do for now.

I'm not the administrator of the product so I don't know that I would be the best one to answer this. But from more of a consumer's perspective, the fact that the S-TAPs and such run on my systems, it has not caused us any problems; a little bit in the SQL Server space, but overall it has been good.

I think that it's very scalable. You can spin up new Collectors and Aggregators as needed so, I'd say it's sufficient.

I do not have experience with technical support. I know that our main Guardium guy is the head of the user group, so, he has used it. He has connections. He usually gets quick feedback because they know he is very visible.

We had rolled our own stuff to do some of what Guardium does, but I think it was organizational recognition that switching was something that needed to be done. The monitoring and reporting was lacking in our organization. We had pockets where we had built our own, but now we're able to use one platform to do that monitoring for all of our database environments.

We went with IBM because it was a combination of functionality and familiarity, in that we have a lot of IBM products in-house, and it fit the criteria.

It was straightforward.

We did evaluate others, but I couldn't tell you what they were because that was a couple of years ago.

It does a good job for what it's designed to do. You may want to look into the enhanced reporting that's available by the third party, because some of the report-building features are not as nice as some of the third party's.