IBM Security Guardium Data Protection Reviews

database security

We use it for security purposes, particularly because we have customers in financial sectors, banks, and other high profile industries.

The risk spotter which helps to get insight into user activities

The monitoring of Heterogeneous DBs

Entitlement Reports which helps to gain insight on user creation and privilege escalation.

Being an IBM product it offers data security capabilities with robust features. Over the years, it has satisfactorily met the requirements of our customers which makes it a very reliable and versatile solution.

Since we are resellers we do not have enough information about the technical aspects and the areas of improvement. However, one consistent report that we receive from our customers is that IBM does not offer timely support due to the size of the organisation. It would be great if they could improve their response time.

ActivEdge has been reselling IBM Security Guardium Data Protection for the past five years.

In terms of stability, it is also stable and there is no bugs and glitches that we have faced complaints about

On a scale of 10 I will rate it 8 as there are some issues that usually arise during deployment but are usually fixed by patch updates.

The product is very scalable and we deal with majorly enterprise client. Therefore we have to make sure that the product is scalable.

The process of installation and management of the solution is very easy. You can ask for IBM's expertise, since they have been using this for years. The implementation does not really need more than three months under normal conditions.

IBM solutions have fair price strategy, and operates on a yearly basis. If it's a SaaS solution, then you can opt for yearly basis.

While working with the solution, you have to be clear about your requirements. The solution offers different pricing based on different functionalities. If you are able to identify your requirements properly, you are going to do well with the price and get the best out of the product. So understanding the requirements is very important. I would rate this product 8 out of 10.

I use it for the likelihood of incident response, intrusion prevention, intrusion detection, and malicious traffic.

I like the reporting mechanism. It's very good.

The integration part of the present solution is very complex and tedious. Plus it gives a lot of false positives which need to be eradicated over time.

While integrating it with my existing infrastructure, it was a pain area initially, because primarily it took me a lot of time to educate users. From the configuration part with the existing system, the agent installation and collecting logs from the system and then finally bringing it back to the Guardium is quite complex.

In the next release, I would like these to be improved and implemented.

I used IBM Security Guardium Data Protection within the last six to eight months.

It is a stable product. 

It is scalable, you just integrate other auxiliary IBM products with it, back to the security line. Currently, 12 users are using it for administration and monitoring purposes.

They're always there to help you out and solve the problem very precisely and efficiently.

Positive

I have been using a lot of information security solutions like Ivanti and ManageEngine. When it comes to hardware, I have used Dell EMC, Cisco, HP, and VMware.

The initial setup was complex, it took roughly a year.

I rate it a seven out of ten.

With regard to the deployment process, we conducted a PO. The POC was conducted initially only for the primary network devices, and then gradually we rolled it down for the production servers and to the other parts of the data center.

The solution was implemented through an integrator team.

We cannot actually evaluate the ROI for the information security solutions, but it's one of the recommended and leading solutions in the market. So with that aspect, you can say we are pretty much confident and believe that our ROI would bring good results for us.

It is a very costly product.

I mark it a four or five out of ten because it's ridiculous sometimes. For instance, if you would like to add a few instances, the IBM team will tell you that you need to acquire a certain amount of DB licenses to integrate such instances into your existing portfolio. So it is quite a hefty amount.

I have personally not evaluated other options. My predecessor had evaluated quite a few options.

I think third-party application integration is supposed to be an integral part of IBM without any cost, so IBM should consider that.

I would rate this solution an eight out of ten.

Before IBM Guardium Data Protection, we didn't have any solution. We wanted to check our database activities, for example, admin activities, so with IBM Guardium Data Protection, we created some use cases and also wanted to check up on the use cases in our environment, so we deployed the solution. Right now, we have three or four use cases for IBM Guardium Data Protection: creation, table deletion, and making changes to the table, and we receive alerts when any of those activities happen.

IBM Guardium Data Protection improved our organization by providing visibility into our database functions. Before using the solution, we didn't have that visibility until we took the data logs and integrated them. We didn't have visibility into database bots. We didn't know which users or admin users were able to get into the databases even without specific privileges. Now, with IBM Guardium Data Protection, we have visibility into all details by just collecting the logs on the aggregator, then integrating the aggregator and team logs, so our security analysts can check all the user logs and use cases we created to monitor databases, and view them all on a single screen. IBM Guardium Data Protection gave us one console for monitoring data, so we won't have to look at more than one screen or use other monitoring solutions.

What I like about IBM Guardium Data Protection is that some of its features were deployed by collectors during the installation phase. The solution has collector and aggregator features, license installation, and even server patches that you won't find in other security providers. I like the collector-aggregator capabilities of IBM Guardium Data Protection where you install each component on separate servers, then on the aggregator, you collect all the logs on a central server or central console.

Right now, we're in the development phase for IBM Guardium Data Protection, so I don't have any recommendations about additional features and room for improvement in the solution. We're very excited to work on IBM Guardium Data Protection because we are new to the solution, and we're still exploring product features. We're very excited about integrations and use case creation, and it's only after six to eight months that I'll be able to share my recommendations in terms of additional features the solution should have.

We did find some difficulty in deploying IBM Guardium Data Protection here in Pakistan because of the lack of resources.

We just deployed IBM Guardium Data Protection, so we've only been using the solution for a month or so, and we're using it because it was included in the package we purchased from IBM.

IBM Guardium Data Protection is working very smoothly, even during installation, so at the moment, my company hasn't experienced any stability issues, compatibility issues, and performance issues, so it's a stable solution.

In the future, we will scale IBM Guardium Data Protection if we have the need, but right now, we are not in the scaling phase. We're only implementing and working with what we have currently.

The support for IBM Guardium Data Protection is good if you're communicating with techs from the US, the UK, or Europe, but where I'm located, the support you'll mostly get is from India and South Asia because of matching time zones. India-based or South Asia-based support isn't very experienced, so at the end of the day, you have to escalate the ticket to the US or Europe team for issue resolution.

On a scale of one to five, with one being the worst and five being the best, my experience with IBM Guardium Data Protection technical support is three out of five.

Deploying IBM Guardium Data Protection was a little bit difficult for us because of the limited resources available here in Pakistan. Very few people can implement the solution successfully in their organizations because of a lack of experience. There are only two or three organizations here that have implemented IBM Guardium Data Protection, and our organization is one of those.

The people who handled the deployment of the solution within the company weren't experienced at deploying IBM Guardium Data Protection, so we faced some difficulties, but at the end of the day, all teams worked very, very passionately. It took us almost six months to deploy the solution within our organization.

We coordinated with different teams about server availability, connection availability, and database integration with IBM Guardium Data Protection to complete the implementation of the solution.

It's still too early to tell if there's ROI from IBM Guardium Data Protection, but I hope that it gives the company ROI. The solution is very popular all over the world, so my company procured it and deployed it in the environment.

My company purchased IBM Guardium Data Protection in a package, so I'm unable to give its exact licensing cost, but for the package of three IBM solutions, it wasn't very expensive. I'd rate the pricing for all three solutions three out of five. When my team deployed IBM Guardium Data Protection, all features were included.

We didn't evaluate other solutions before using IBM Guardium Data Protection because we purchased an IBM package of three SIEM solutions: IBM QRadar, IBM Resilient, and IBM Guardium Data Protection.

My organization has two teams using IBM Guardium Data Protection. One is an analyst team that looks after the solution, and the other is the SOC team in charge of monitoring events on IBM Guardium Data Protection.

There's a team of five people in my organization that takes care of deploying the policies, and there's a team of twelve analysts that does the monitoring of events in all monitoring solutions used in the company, aside from IBM Guardium Data Protection events.

Currently, the solution isn't being used to its full extent because it's still in the testing phase, and my organization is still new to the solution, so it has to check on the capabilities of IBM Guardium Data Protection and how it works. Users within my company still have to learn how to aggregate, how to send logs, which security tools to monitor, etc. The solution is still in the evaluation phase within the company, and there's still a need to check its performance and analyze its features.

My advice to others looking into implementing IBM Guardium Data Protection is to first get familiar with the solution and compare it with other solutions. IBM Guardium Data Protection is a market leader, so I recommend that you deploy it or purchase it for the purpose of database security. It's a well-known product.

I'm rating IBM Guardium Data Protection eight out of ten.

My company is a customer of IBM Guardium Data Protection, with no IBM partnership.

We use it for activity monitoring and vulnerability assessments.

The features I like are the robust policies, which allow us to create customized monitoring based on specific activities. 

Also, the dynamic encryption and masking functionality is interesting. And the vulnerability assessment feature is comprehensive; we can scan for specific vulnerabilities.

The main issue I have with IBM Security Guardium Data Protection is the support. It's not good.  They're slow, and they don't seem to resolve issues effectively. We have an ongoing problem that they haven't been able to fix.

We had an issue with the setup that we've been trying to resolve. The reports are not coming out the way I want them to.

I'm not enjoying the support. They don't always resolve issues, and sometimes logged cases seem to disappear. The support is not good for me. They should resolve issues as they're escalated.

It's stable. However, it does require a lot of resources. 

I would rate the stability a six out of ten. 

The solution itself is straightforward. The implementation was fine.

We set up the central manager, the archive, agents on the database servers, and S-TAPs on the collectors. Then, we configured policies and reports.

I would recommend using it. It is good for database protection. 

The product itself is good, but the support is lacking. I'd rate it a seven out of ten.

We want to avoid unauthorized manipulation of data. We evaluated use cases like database discovery, identification of sensitive data, and installation and configuration of custom policies. We also conducted POC for alerts on DDL and DML commands, activity logs of users, restricted access for specific users, reporting, and dashboarding.

The tool helps detect invalid login attempts within a specific time frame.

The solution lacks control over database security.

Our database team has conducted a POC of the solution with the service provider. We plan to purchase the solution.

The support manager of IBM in Pakistan supported us in onboarding the technical and salespersons. They helped us draft and create the solution for our company. The support was above average.

Positive

The price is average. The tool is not cheap, but it is not expensive. The solution is worth the money.

There are other solutions like Imperva, but there are no service providers in Pakistan. We need local support as we need multiple deployments.

Since I have not implemented the product yet, I would give it an average rating. Overall, I rate the product an eight out of ten.

We use this product to protect our information. It provides the added feature of including some protective marking rules on the data. Security is the overall high-level objective for us using this solution. We are customers of IBM and I'm a tech lead.

If anyone is trying to access unauthorized data, it sends out an immediate alert to those concerned. 

Unfortunately, we're unable to use this solution for a NoSQL database, which is limiting. The UI needs to be improved so that instead of everything coding in the backend, it's coded on the front end. Guardium has limitations so most companies using advanced technologies have stopped using this tool because it doesn't have the capability to identify the PII data in flat files. Most companies are moving towards big data.

I've been using this solution for three years. 

The product is somewhat outdated, but it's stable.

If you implement it on the cloud, it's scalable. But once you scale the solution, dumping the business rules, establishing the configured profile, and maintaining those profiles is a very tedious process. Rather than a centralized solution, it would be better to have a distributed environment. In that case, different servers and different nodes, with each node having control over some of the applications, would be better. 

The support level is based on your license. There is a seating license based on the number of users and a concurrent license that is unlimited. If you're at L1, the support is very responsive. For L2 and L3 things move more slowly.

The initial setup needs a lot of coordination and effort. It also requires an information security officer to identify the risk levels of the applications. Monitoring requires a dedicated infrastructure team. We carried out the deployment in-house. Implementation time depends on the degree to which you want to scale and what you're using it for. 

Deployment requires admin support, enterprise-level LDAP authentication services, and application leads. Depending on your infrastructure, you may also require an information security officer and security team as well as security engineers.

There are various licensing models. 

This tool works very well with IBM products but not so well with other tools. 

I rate the solution six out of 10. 

We are resellers of this solution and IBM partners. I'm a manager of security solutions.

Data encryption is a good feature and I also like the data masking functions. This is a technically strong solution.

The only downside is that the deployment is complex and requires special expertise to deploy.

We've been using this solution for seven years. 

In terms of stability, this is one of the top solutions. Our customers are happy with it.

The solution is scalable; scalability depends on the number of databases more than number of users. Accounts can be expanded without any impact on performance. 

IBM do a good job in terms of technical support.  

Positive

The deployment requires trained people because it's complex. It's better to go with the vendor for implementation because they are specialized.  

I recommend this solution and rate it nine out of 10. 

We mostly use Guardium as a data activity monitoring solution (DAM). We also use it to perform vulnerability assessment (VA) for data. We deployed Guardium on a private cloud. It isn't a hardware product. It's all virtual machines.

IBM should add more database security features to Guardium. They could add user profiling, anomaly detection, and machine learning. IBM has user profiling, but they need to strengthen it. It should make sense for the users. It should remove most of the false positives.

Anomaly detection would help. Let's say you had a thousand anomalies and 990 are false positives. Who will take care of this? People will simply ignore all 1,000. They need to improve a lot in this area. They're coming out with a new product called Guardium Insights. It will be able to store more data, and its algorithm will be stronger. That will probably fix all my concerns. They have yet to release the beta version.

I have been with this company for the last two years, and they have been using Guardium for five years or six years. However, I more than 10 years of experience with the product. I started using it in 2010.

The scalability and stability are excellent. 

IBM support is good. They're very responsive. 

Setting up Guardium is straightforward. The time needed for deployment depends on the number of databases you're onboarding. It could take two or three months for a hundred databases. However, it might take much longer if you have thousands. It doesn't require much maintenance if you deploy and monitor it correctly. You need to do a lot of maintenance if not. 

We deployed Guardium ourselves because we know the website.

The cost depends on the number of databases. You can purchase advanced licenses, but the standard license is calculated based on the number of databases you have to onboard.

I rate Guardium nine out of 10 overall. I rate Guardium 10 out of 10 for data activity monitoring and nine for vulnerability assessment. It's easy to implement and does its job. But I would rate it seven out of 10 in terms of advanced features.

My advice to prospective users is to have a proper source to deploy it in your environment, or you're wasting money. The second thing is to know precisely what you want from Guardium. Is it DAM, VA, or are you going further? In terms of security posture, those lines should be clear.

We use IBM Security Guardium Data Protection for real-time monitoring, data protection, recovery of sensitive objects, and vulnerable data scanning for databases.

It is a flexible tool for enterprises. It protects sensitive data and blocks unauthorized access to the data.

They could enable the out-of-the-box feature to track application user activity. It will help us observe the activities closely. Another area for potential improvement is implementing a feature for rate limiting the observed set returned to the client against security in a particular session.

We have been using IBM Security Guardium Data Protection for two years.

It is a stable solution. However, they could enable an in-built feature to track user activity for the applications connected to databases. When users enter credentials to authenticate themselves, Guardium should also log the activity and enter its database.

I rate the platform's scalability an eight out of ten.

The technical support services are good.

Neutral

The initial setup process is user-friendly. The deployment time depends on different components, including the collector, SAP agent, immediate and integrator, central manager, deployment size, scalability needs, and specific business use cases. It's relatively easy to implement, but the organization's specific requirements determine the simplicity or complexity. The number of databases to be observed, data classification criteria, and the desired role implementations are crucial considerations. It requires one or two engineers and analysts to execute the process. They are responsible for installing and configuring the components, including agents and collectors. After that, we can collect the logs from the database based on rules and policies to analyze them. It is easy to maintain as well.

The product's pricing is reasonable and affordable. It is in the moderate range.

I recommend IBM Security Guardium Data Protection to others and rate it an eight out of ten. It is a very good enterprise-grade solution.

Guardium is a robust solution that provides reliable results. Customers are satisfied with its ease of use and switch from competing products to Guardium. One customer implemented Guardium within two months and found it fully secured their databases. Before Guardium, they faced implementation issues and unreliable monitoring reports. Now, they are expanding Guardium to protect more databases.

The only issue is opening the remote connection to the client. IBM needs to focus more on improving remote connectivity. Microsoft and Cisco provide remote connectivity and have gained customer appreciation.

The solution needs some functionality or features to be added. It might not cover Big Data.

I have been using IBM Security Guardium Data Protection since 2016.

The product is stable.

The tool is scalable.

Support is very good.

Positive

The initial setup is straightforward.

We contracted with the company. It was one of the smoothest implementations we ever had. We started and did the kickoff. After two months, they sent us the closure, acceptance server, and invoices.

The solution has a reasonable and competitive price. FortiDB is cheaper, but it doesn't provide full functionality. You can get cheaper products if you want a product to cover the audit point and don't care about the functionality. If you need a functional solution to help you, you should consider Guardium.

I recommend this solution to medium and big companies. Small customers do not need to maintain it a lot. The price and value they will get from it are worth it, especially if they need to monitor many databases and manage their environment. Guardium can help them see who accesses the databases to prevent data breaches and monitor the audit trail. Smaller companies with one or two databases can manage them by themselves, but Guardium becomes more valuable as the size of their databases and the number of users grow.

Overall, I rate the solution a ten out of ten.