IBM Security Guardium Data Protection is a solution for database security from IBM that gives complete visibility, control, and analysis to secure sensitive data and comply with regulations.
IBM Security Guardium is ideal for enterprise-level companies. One of our clients, a bank, uses it for monitoring their database activity. IBM Guardium can track the database activity and detect vulnerabilities such as SQL injections. It is very stable and ideal for safeguarding sensitive client information and data. It prevents leaks and data loss.
One of the advantages of IBM Guardium is that it monitors the database without changing the configuration. The policy setup process enables you to define security policies down to the last detail. Guardium makes it easier to comply with regulations because it has pre-defined policies according to GDPR. The support is very good, and the reporting is very straightforward.
The interface is not very user-friendly if you are not used to IBM products, though. Once you get over the learning curve, it does get easier. We found that the SIEM integration is pretty poor.
Imperva Data Security is also an enterprise application for data security, but unlike IBM Guardium, it combines a database with file security management. Imperva is very reliable and sends alerts whenever it detects suspicious activity. It records all database transactions for analysis. Imperva works very well to monitor new access to the database and provide alerts about unauthorized users.
Regarding compliance, Imperva offers multiple options for auditing; the data is presented in an audit-friendly format and is extremely resilient, even in Linux. The user interface can be confusing, though, with so many menu options. Someone not familiar with the product will have a difficult time trying to configure the agents. Additionally, it requires fine-tuning to get actionable insights from the alerts. A big inconvenience is that some common encryption keys are not compatible with Imperva.
All in all, if your use case requires tight auditing processes, then Imperva is a better solution. IBM would be more suitable for enterprises using other IBM products.
Information Security Analyst at a tech services company with 501-1,000 employees
07 July 20
I have been working with Guardium for 5 years, but I had not heard of Vormetric. So, I will not be able to help.
Something I can report is from the IBM website:
" IBM Security Guardium Data Encryption runs on a variety of Microsoft Windows, UNIX, and Linux platforms. It requires prerequisite software available from Vormetric, Inc. Visit the Vormetric website for information.
For additional information, refer to the Software requirements section. Vormetric is not affiliated or associated with IBM. Vormetric software products and licenses are subject to change in accordance with the policies and procedures of Vormetric. "