We changed our name from IT Central Station: Here's why
Get our free report covering IBM, Imperva, Trustwave, and other competitors of Oracle Audit Vault. Updated: January 2022.
564,729 professionals have used our research since 2012.

Read reviews of Oracle Audit Vault alternatives and competitors

Md Saiful Hyder
AGM, Enterprise Solutions at Omgea Exim Ltd
MSP
Top 5Leaderboard
Better integration options than competitors, with affordable licensing
Pros and Cons
  • "IBM Guardium Data Protection has better integration options than most of the leading competitors on the market, and the price is always better."
  • "Guardium Data Protection is far better in terms of external integration. But in terms of firewall features, like when you're blocking activities, it's as if Oracle AVDF simply has superior features. This is just from third-party observations, but the users of Oracle AVDF are saying that when it comes to the firewall and protection functionality, they're much more inclined to AVDF."

What is our primary use case?

Currently, my customer has 10 different types of databases for their various banking applications and they intend to deploy IBM Guardium Data Protection to secure their database activities. As soon as it is deployed, we're able to get some insights into what is going on with their databases, to help ensure the integrity of their data in the future.

Two banks are also working on two opportunities with IBM Guardium right now. I believe this is a compliance requirement; nowadays, everyone has to buy database protection. In that case, technically, Oracle will get the added advantage here, because most of the banks are already using Oracle database.

What is most valuable?

IBM Guardium Data Protection has better integration options than most of the leading competitors on the market, and the price is always better. 

What needs improvement?

One thing I'm always thinking with regard to Guardium Data Protection is that, when compared to Oracle AVDF, Oracle's often got the upper hand when it comes to the standard features. So I believe that needs to be addressed by IBM. 

Guardium Data Protection is far better in terms of external integration. But in terms of firewall features, like when you're blocking activities, it's as if Oracle AVDF simply has superior features. This is just from third-party observations, but the users of Oracle AVDF are saying that when it comes to the firewall and protection functionality, they're much more inclined to AVDF. Considering the competitive benefits that AVDF is providing compared to Data Protection, I can see that some improvement is required in terms of the firewall-related features.

Another observation I have is that industry resources are not available to handle this product, and I believe that deployment should be much easier than what we have right now. I'm thinking along the lines of some kind of wizard that makes it easier for users to get started right away. For example, to make it so they can do the deployment easier with drag and drop, etc.

It has to be more user-friendly so that anybody can deploy it, anybody can adopt it, and anybody can do the configuration. It has to be built in such a way that even if you are not a product expert, whether from IBM or otherwise, or that if you know only Word, then you can still configure it. So they have to offer that flexibility in the product.

They can hide the complexity by bringing in more GUI elements so that people can more easily get on board. And also they can introduce the knowledge base side by side so that whenever they are using the product, they can quickly check what exactly needs to be configured. You have Redbooks, and Redbooks can help but maybe they can include something extra. While users are installing maybe IBM can put in some guidance, "Okay, if you do this then you configure this and that."

At the same time, the market has lots of Oracle expertise here. But for IBM, there are no local resources available, and we are highly reliant on external resources. So, I would highly recommend that IBM initiates something like a certification campaign for the end user, as well as for the partner. As a partner, we are trying to do our level best, but I believe it would really benefit users for IBM to come up with some pre-certification campaigns like AWS and Azure do, especially in terms of how they promote their products through learning.

What I believe is that, in order to establish the product in the market, IBM has to invest in developing resources. IBM need to strategize in such a way that it's not just selling. IBM has to develop the resources within the industry, so that there's more word of mouth; people are now talking about AVDF, because they only know about AVDF.

For how long have I used the solution?

I have been working with IBM Guardium Data Protection since last year. 

What do I think about the stability of the solution?

I can say that it's a stable product. 

What do I think about the scalability of the solution?

Scalability is no problem. 

How are customer service and technical support?

Support is where the problem is. Since IBM is not in this country, in terms of technical support and also skill sets in the market, there is not much help available to handle Guardium Data Protection. That's where I suggest that IBM should bring marketing people and do some campaigns, like certification campaigns, so that we can have some skilled experts who will develop resources within the industry to promote and support this product.

How was the initial setup?

Since it comes as an appliance, it's kind of plug and play. I can't be too precise, but it only takes around two hours to initialize the virtual appliance.

What's my experience with pricing, setup cost, and licensing?

For IBM Guardium, licensing is very simple and straightforward. There are no issues I can speak of.

Regarding the pricing, Guardium's price is always better compared to competitors like Oracle. It's not expensive compared to what the leading competitors are providing and on top of that, the integration options with IBM are also better for the price you pay.

What other advice do I have?

I can definitely recommend IBM Guardium and we are going to continue using and promoting it in the future.

I have been working with IBM for approximately 13 years and I've personally found that IBM products are very useful. However, the problem is that IBM's product stack isn't fully present in this country and there is a clear lack of industry resources, so customers remain unaware of their products and they are not adopting products even though this product is very good. Whenever we are talking about the idea of data protection we talk about IBM's solution, Guardium Data Protection.

The main problem is that customers often throw questions like, "What about deployment? What about the support? Are we going to get good support from the local team?" They're not bothered about portal support, they talk about the internal market industry resources. That's where we come in. So even though I am recommending IBM, I know some customers will also like Oracle AVDF.

I would rate IBM Guardium Data Protection an eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
Core Banking Application Support at a financial services firm with 10,001+ employees
Real User
Top 20
Good granular auditing, but have had issues with the WAF and do not find it user friendly
Pros and Cons
  • "Currently, we have audit features for auditing databases, for example, granular auditing, which we really enjoy. We've been using it to check what users do."
  • "The solution is expensive."

What is our primary use case?

We primarily use the solution for monitoring database activities.

What is most valuable?

Currently, we have audit features for auditing databases, for example, granular auditing, which we really enjoy. We've been using it to check what users do. 

Apart from the WAF, which we've had issues with, every other feature we've been able to use very well. We use it for scanning databases, which is perfect. We need to run vulnerabilities counts as well, and this solution is great for that.

What needs improvement?

The feature right now that we have not been able to use successfully is the firewall aspect, the WAF.

In terms of the WAF, we tried their blocking functionality at some point, and our entire company came to a halt due to the fact that it was blocking even database connections. It was hanging our databases. Until now, we've not been able to fully use their database blocking functionality very well. That is the only aspect that I wish could be improved tomorrow.

The entire system is not user-friendly for me, and definitely not as user-friendly as Oracle Vault. It should be more user-friendly, to make it much more competitive in the space. 

The technical support is not offered by the company itself. Rather, you can only get technical support via partners. It isn't that good and because of this, we want to leave the product.

The solution is expensive.

If we can look at a system that can do 360 annual. There is an app call bridge that is something they've introduced, however, we don't have that yet. I don't know if that is able to do application monitoring as well, but I wish they had a feature that could do both the database and application monitoring.

For how long have I used the solution?

I've been using the solution for about four to five years now.

What do I think about the stability of the solution?

The stability is okay. I don't recall any kind of bug or glitch. It doesn't freeze or crash. Aside from issues with WAF, it's good.

What do I think about the scalability of the solution?

The scalability is fine for our purposes. We are able to modify the product, and we are able to do things to suit what we need, so it's okay for us. If I were to rate them out of ten on scalability, I'd give them a six.

How are customer service and technical support?

One of the reasons we want to leave this solution is the fact that we don't have any technical support whatsoever. If there was some on offer, it might convince us to stay. Technical support is typically handled by partners, and they do not do a good job. We've been trying to reach the parent company directly because we are unsatisfied with the level of service we've received and we've had no luck. Therefore, we'll probably leave the service altogether.

What's my experience with pricing, setup cost, and licensing?

The solution is pretty pricey. It's not the least expensive option. An organization will have to ensure they have the budget to cover the cost or having the product. I'd say that the amount of money they charge is unreasonable sometimes. If I were to rate them out of ten on pricing, I would give them a one.

Which other solutions did I evaluate?

We're currently looking to move away from Imperva. We're considering Audit Vault.

What other advice do I have?

The solution is okay, however, there is a lot to be improved upon. For that reason, I'd rate them five out of ten overall.

It's not a bad tool. It's a good tool. I tend to recommend it to others, however, if you're a small company, it may not make sense due to the fact that it is quite expensive.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: partner
Get our free report covering IBM, Imperva, Trustwave, and other competitors of Oracle Audit Vault. Updated: January 2022.
564,729 professionals have used our research since 2012.