IBM Security Guardium Data Protection is a solution for database security from IBM that gives complete visibility, control, and analysis to secure sensitive data and comply with regulations.
IBM Security Guardium is ideal for enterprise-level companies. One of our clients, a bank, uses it for monitoring their database activity. IBM Guardium can track the database activity and detect vulnerabilities such as SQL injections. It is very stable and ideal for safeguarding sensitive client information and data. It prevents leaks and data loss.
One of the advantages of IBM Guardium is that it monitors the database without changing the configuration. The policy setup process enables you to define security policies down to the last detail. Guardium makes it easier to comply with regulations because it has pre-defined policies according to GDPR. The support is very good, and the reporting is very straightforward.
The interface is not very user-friendly if you are not used to IBM products, though. Once you get over the learning curve, it does get easier. We found that the SIEM integration is pretty poor.
Imperva Data Security is also an enterprise application for data security, but unlike IBM Guardium, it combines a database with file security management. Imperva is very reliable and sends alerts whenever it detects suspicious activity. It records all database transactions for analysis. Imperva works very well to monitor new access to the database and provide alerts about unauthorized users.
Regarding compliance, Imperva offers multiple options for auditing; the data is presented in an audit-friendly format and is extremely resilient, even in Linux. The user interface can be confusing, though, with so many menu options. Someone not familiar with the product will have a difficult time trying to configure the agents. Additionally, it requires fine-tuning to get actionable insights from the alerts. A big inconvenience is that some common encryption keys are not compatible with Imperva.
All in all, if your use case requires tight auditing processes, then Imperva is a better solution. IBM would be more suitable for enterprises using other IBM products.
We primarily use the solution for database access management where they are using DML commands. We use it for compliance and validation. If there's any change in the record, this solution will notify us.
One of my customers is a company that manages telecommunications in Mexico. It is a very important company, and they use Guardium for compliance purposes. They use it to comply with PCI, for example. We have on-premises and cloud deployments. We are currently deploying a customer's environment in Microsoft Azure with SQL Server.