IBM Security Guardium Data Protection Reviews

It's a security product that works across multiple platforms, in our case it's the mainframe and the midrange. We use it to detect when somebody accesses restricted data and report on it.

So far it has performed quite well, we're happy with it.

We used to use cobbled-together scripts, different products and different pieces on different platforms. This is one consolidated tool so one report comes out for each director and it's clean and easy. There is some scripting involved to tell it what is important and what is not important - which is important to us.

In terms of security initiatives and compliance policies within our organization, that's basically what we use it for: the reporting of who touches what data. And that goes up to the directors and they approve or get mad at you and ask you why you did something.

IBM Guardium probably helps us comply with industry regulations like SOX, PCI, or GDPR, but the big driver was more internal and audit-related, rather than industry-related.

We haven't integrated Guardium with other systems we have.

It has saved us time and money. As I mentioned, we had a bunch of cobbled-together scripts that were manually maintained for different platforms. This solution automated all that and made it such that the security administrators can run it themselves and not involve us. So there is less "people effort." Senior management is aware of the savings.

It makes the auditors happy.

It does not require our involvement to run it. It runs in the background and the people that do the reporting do so. The reports go to the directors who are in charge of the various data areas. It's pretty clean. Clearly there is some setup, but after you get it set up it just goes.

I have no idea what the advanced features are, so we're probably not using them.

Lower pricing would always be good but apparently we're getting our money's worth or we wouldn't be using it.

I'm pretty impressed with the stability. There was medium-sized initial effort getting it configured and set up and doing what we wanted it to do, but it just runs and we don't have to deal with it.

We run it on the mainframe and on the midrange platforms and we haven't had any performance issues of any kind. We haven't really had to scale it. We pick and choose what's important to us, so we don't monitor everything. If we were going to monitor everything it would probably be an issue, something we would have to address.

I have not used tech support personally. We did have some support help at the beginning, learning it and getting it set up.

We were previously using homegrown scripts. We decided to switch primarily because this is a multi-platform solution that consolidates everything and centralizes support for it.

When selecting a vendor, we reviewed two other products, but the main reason was that this is a multi-platform solution and it worked well in our environment.

I was not directly involved but I was involved somewhat since I had worked with some of the systems in the past, so maybe some requirements gathering.

The setup seemed pretty straightforward to me.

We're very happy with it. It depends on what your needs are, but it meets our needs.

We want to protect our data. That's the primary use case.

So far, performance has been okay.

We are able to identify who does what, when, and we are able to go back to them and say, "Is this an authorized activity? Is it not an authorized activity?" Why are they doing it? Is there an outlier? Go back and find out if that is normal, unusual? It has helped the overall perspective of making our operations more compliant with the regulatory requirements.

We use Guardium to support security initiatives and compliance policies in our organization. For example, we create reports that tell us how often is a password locked, how many exceptions we are getting, how many failed login items we are getting. We send those reports to the compliance and auditing folks. We do vulnerability assessments, detect vulnerabilities and send reports.

Currently we are not focused on GDPR because we are mainly a US-based company. I don't think I would say that Guardium has saved us time or money.

It does the monitoring of access very well, although we currently don't use any of the advanced features.

Get rid of the collectors. Stream the data directly from the agents to the Big Data link.

The solution is very stable, but it has its challenges. 

I would rate tech support about seven out of 10.

This was a management decision. I think when they found Anthem was getting breached they decided, "Hey, let's try something else."

When selecting a vendor, the most important criteria for me are the

• reliability of the vendor
• name recognition
• support model
• cost, of course.

If you know it, it's pretty straightforward. Otherwise, there is a little learning curve.

The biggest challenge is the cost associated with the product, and the cost of maintaining. Everything is not translated directly to the benefits we see. There are benefits, yes, but if I were writing the check, would I buy Guardium? No.

It's pretty good. We have the latest version, so we are able to scale.

I would rate this solution six out of 10. The benefit to the cost is not justified, in my opinion.

I would say Guardium is a good product. It's a very good product, but you want to weigh how much you want to implement. Do you want to focus on only certain applications? Certain databases? Don't do it across the enterprise. So think about that.

Primarily re-monitoring sensitive data and privilege user access. 

One of the greatest benefits for using Guardium is our ability to monitor sensitive data. With current policy and GDPR for international, then audited compliance for monitoring access to sensitive data, it is very critical for our industry in healthcare. 

We use IBM Guardium to support security initiatives and combine policies within the organization. We have many initiatives that come up and we have what are called action plans. Guardium comes up in quite a few of them when it gets related to database monitoring and controlling sensitive data. 

IBM Guardium helps us comply with industry regulations, such as GDPR, local US standards, and then the current New York cyber laws, which are very specific about controlling access to data.  

Guardium is integrated for data. It is integrated across our big data, then for cyber security. It is integrated in our security stack. 

• Our ability to see when users are accessing sensitive data. 
• The front-end works very well. 
• Gathering the data works very well. 

We are using quite a few of the advanced features. Some of those include some scripting for integration with our other security tools in the environment along with data collection, and the ability to use large data formats for monitoring and information. 

One of the limitations that everyone who uses Guardium knows is its ability for back-end reporting. Guardium in and of itself is a big data platform. It creates big data all by itself. The ability to collect it sometimes is easier than the ability to retrieve it, use it, or give a good representation of it for incidence response or questions which come from the different people who want to use the data. 

Then, it goes back to the use of the data. Using the data in native Guardium is difficult, at best. I know there are current advancements. I know they are integrated with jSonar, which used to be a partnership. However, it is now integrated into the company, which is nice, but we are far beyond that. We have already purchased and implemented other solutions, so now we have to go back and retroactively add that, which would be a good addition, but we are just not there today. 

Guardium is very stable. The only outages that we have had have been self-induced, which is hard to admit. As a platform, it provides great stability.

Guardium should meet our needs going forward. 

We have only been using Guardium for a short period of time, so we had some growth problems. It is just like growing into your body. Your knees start to hurt after a little while, but once you get through that growth spurt, you get your win and you keep going and you are able to grow and expand. I think the way we have it implemented, we will be able to grow and scale as the organization grows. 

We use technical support very frequently. We actually have a weekly call with our sponsor where we go through all of our different support questions. We are on a week-to-week basis where we follow-up with all our questions. We are on the leading edge for Guardium implementations. The version that we are on, it makes us a Fortune Six organization with the current version for all of our data. It requires a lot of support as we grow and mature with the product and with our organization's growth. 

Our initial setup was pretty straightforward because we were just figuring out how it worked. Over the last two years, we have introduced our own complexities to accommodate our requirements. Would I say that it is complex to us today? No. To the average Guardium user? Yes, it would be complex.

We did evaluate other vendors. Guardium was a large purchase. We did our due diligence as we were responsible for the purchase process. Guardium won mostly because of our scope and scale. It was able to perform at the scale that we wanted to use it. 

It tests security to support SOX compliance.

It supports our audit compliance. We use IBM Guardium to support security initiatives and compliance policies within our organization. We have a lot of self controls which require the database to be monitored, especially for the privileged user.

• Its band monitoring. We just started to use it.
• The mobility assessment

I would like them to support cloud services.

It is pretty good, though we have had some issues. Sometimes the performance is not good, and also sometimes we have sudden bugs causing difficulties. Therefore, it is hard for IBM to fix.

Scalability is good.

My experience with technical support depends. Sometimes, with Level 1, it is not good. However, when the case goes to Level 2, the support is pretty good.

The initial setup was pretty straightforward.

Senior management is aware that Guardium has saved the organization time and money

We just talked to IBM. If we have a problem, maybe they can offer us something new, new features, etc.

IBM Guardium is good.

Most important criteria when selecting a vendor: reliability.

To protect the data. We're trying to monitor privileged users, get an idea of what's normal access, and to make sure that service account usage is only coming from the appropriate places, not being used by people from their own work stations.

How I would describe how well it's performing is that we are taking a slow and steady approach to it. Right now, I would say we're going from crawl to walk as far as usage goes; not using any of the sophisticated features, more getting the base implementation in place.

I think we have a better handle on who is accessing our data.

We use Guardium to support security initiatives and compliance policies within our organization. Our internal audit is keeping an eye out, and making sure that we're in compliance. Having the Guardium solution and its reporting helps us get through that process a lot more quickly and efficiently.

We're not using any of the workflow yet, but I would say yes, it is helping with compliance reporting. We're making sure that we're monitoring the usage of privilege accounts, managing the use of the service accounts.

We have not integrated Guardium with any other systems.

It has made us more efficient in demonstrating that we are in compliance, and enables to get through audit processes more quickly, which saves time and money.

Probably the most valuable feature for me, in my role as systems DBA, is the expediting of internal and external audits.

The one thing that I would like to see improved, but I don't think it's going to be in the next release, is its reporting capabilities. I think that's been offloaded to another third-party product that I think IBM actually endorses for that. It was built by the guy who helped develop Guardium but left IBM and spun up his own company. They found a need and they filled it. I think they filled it better than at least IBM thinks they can do for now.

I'm not the administrator of the product so I don't know that I would be the best one to answer this. But from more of a consumer's perspective, the fact that the S-TAPs and such run on my systems, it has not caused us any problems; a little bit in the SQL Server space, but overall it has been good.

I think that it's very scalable. You can spin up new Collectors and Aggregators as needed so, I'd say it's sufficient.

I do not have experience with technical support. I know that our main Guardium guy is the head of the user group, so, he has used it. He has connections. He usually gets quick feedback because they know he is very visible.

We had rolled our own stuff to do some of what Guardium does, but I think it was organizational recognition that switching was something that needed to be done. The monitoring and reporting was lacking in our organization. We had pockets where we had built our own, but now we're able to use one platform to do that monitoring for all of our database environments.

We went with IBM because it was a combination of functionality and familiarity, in that we have a lot of IBM products in-house, and it fit the criteria.

It was straightforward.

We did evaluate others, but I couldn't tell you what they were because that was a couple of years ago.

It does a good job for what it's designed to do. You may want to look into the enhanced reporting that's available by the third party, because some of the report-building features are not as nice as some of the third party's.

We acquired Guardium to encrypt certain databases to meet a customer requirement.

It has been performing to spec.

We use Guardium to support security initiatives and compliance policies within our organization. The encryption meets a requirement. It was a requirement of a customer. I don't think it is a compliance requirement, but it did come through as a request from a prospective client, so we implemented it.

I don't know if this solution has helped us to comply with Industry regulations like SOX, UCI or GDPR. We have not integrated it with other systems we use. I would not say it has saved us time or money.

I understand that it's one of the first to encrypt DB2 databases.

I'm not able to answer whether we're using any of the advanced features.

This would be a question for one of the technical folks, probably not for me.

It was difficult implementing it, configuring it, getting it up and running and in production. However, since then, I believe it has stabilized.

We haven't really tested the scalability with it as yet, we're really only encrypting a very small percentage of our data.

Technical support is interesting because, when we implemented Guardium, it was a partnership of IBM with the company that, I think, Guardium either partnered with or acquired since then. So, even though support was funneled through IBM, it was actually performed by the third-party software company, and it was difficult and challenging at times. There was a layer of interpretation between IBM and Rocket Software, and sometimes that was helpful and other times not so much.

In terms of advice, I would say allow the technology to mature a little more. I think we were one of the first, if not the first, to implement Guardium. And, like I said before, it was kind of painful, but let the maturation process run it's course. I'd say learn from other people's mistakes or, not so much mistakes, just experiences. Benefit from other peoples' pain, bumps, and bruises.

I rate it seven out of 10 only because it's a unique, niche offering that is not, that I know of, offered elsewhere in the marketplace. It fills a need, which is good. I don't know how prevalent the need is in the marketplace but it's nice to have an offering there that, when needed, you can implement something.

The primary use case is security of our data in the bank.

Performance is very good.

Security. This is the main capability that you have in this solution.

In terms of compliance, we need to track users, database logins, and run inquiries. Guardium stores this log information very well. We don't use it for compliance with industry regulations like SOX, PCI or GDPR.

We have integrated Guardium with our database, SQL server, Hadoop, and Oracle Database. The integration is very simple. We just installed the solution and the rest was very simple.

I believe Guardium save us time and money. Upper management is aware of these savings.

It's simple to use and managing the solution. It's very, very good for security and tracking users and databases in the organization.

Stability is very good. I don’t have downtime with this solution.

We used support to configure Guardium with Hadoop only. The support was good. I did not need to escalate this ticket.

The pricing was for a big package, including all IBM products. As such, it was good value.

I don’t know because I am new in this company. I don’t know the history.

When selecting a vendor, I look at the price and the scope of solution.

My advice is to use this solution. For security and compliance it is very, very good.

Our primary use case would be for compliance reporting: DBA activity monitoring for SOX regulations.

It has performed fairly well. There are issues here and there, but it is the only product on the market that can do this job. It is the industry leader in database security.

It has improved the way our organization functions. It has automated a bunch of manual tasks, giving us insights into activities that we would not otherwise be able to capture.

We use it to support our top two security initiatives. We have one large project that is focused around locating our sensitive data elements and we have used the discovery agent to do just that. Then, we also have another stream in that project towards monitoring these sensitive data stores, so we use some of the Guardium monitoring features and alerting features to monitor these sensitive databases.

We use it for our SOX compliance reporting. We have it integrated with LDAP and Active Directory. We are looking to integrate it further with Splunk and a change management system. 

The integration process is challenging: 

• Pulling from the Active Directory and LDAP is not bad once you figure it out. Typically, customers need to work with IBM support to do this. 
• For the Splunk integration, we are in process of doing this. We have been working with Splunk to pull the data out. 
• For the change management piece, we have not really started this yet.

Some of its reporting capabilities. Guardium does a great job of capturing data and having the ability of trying to pull it out and make sense of it. Using it for business applications is its biggest capability. 

We use many of the advanced features. We are one of the more advanced Guardium clients, thus we use features, such as custom tables and the ability to import custom data. We have used some of the data discovery pieces before, along with the classification builder. Therefore, we are pretty strong power users in the product.

We have been looking into Guardium Big Data Intelligence and seeing if it makes sense for our organization.

Overall testing and quality need improvement. It is fairly buggy at times, so it feels like it could use additional staff on the product, testing and trying it out.

I would like to see a lot of additional reporting and analytics features. They have basic outlier detection, but I would love to see that go further, and model it after analytics tools like Splunk. If the product could integrate with Splunk, or mimic it, it would provide a lot of value. 

Stability is average. There are frequently new issues with releases. As long as you stay a version or two behind, you are pretty stable. However, we have had some issues with patches breaking things unexpectedly in our environments.

Scalability is very good. You could easily throw it onto a VM or add additional hardware. One central manager supports about a hundred managed units, so scalability is excellent.

We frequently use technical support. We have some arrangements made with them, but our support is generally pretty good for smaller issues. For larger issues, we would like a bit more communication from them. Therefore, when there is a known product bugs, known fixes, or known issues, it would be great if they made those a little easier to find or published them at all. That would save us a lot of time and effort.

We invested in Guardium because of regulatory compliance issues. Guardium is the only product in the market that could meet these needs. 

I was not involved in the initial setup.

Guardium has not saved us time or money. Senior management is aware of this.

If you are researching this type of solution, work with IBM.

Only Guardium.

Most important criteria when selecting a vendor: 

1. The ability to meet requirements.
2. Costing
3. Scalability and market share.