What is our primary use case?
Our primary use case would be for compliance reporting: DBA activity monitoring for SOX regulations.
It has performed fairly well. There are issues here and there, but it is the only product on the market that can do this job. It is the industry leader in database security.
How has it helped my organization?
It has improved the way our organization functions. It has automated a bunch of manual tasks, giving us insights into activities that we would not otherwise be able to capture.
We use it to support our top two security initiatives. We have one large project that is focused around locating our sensitive data elements and we have used the discovery agent to do just that. Then, we also have another stream in that project towards monitoring these sensitive data stores, so we use some of the Guardium monitoring features and alerting features to monitor these sensitive databases.
We use it for our SOX compliance reporting. We have it integrated with LDAP and Active Directory. We are looking to integrate it further with Splunk and a change management system.
The integration process is challenging:
- Pulling from the Active Directory and LDAP is not bad once you figure it out. Typically, customers need to work with IBM support to do this.
- For the Splunk integration, we are in process of doing this. We have been working with Splunk to pull the data out.
- For the change management piece, we have not really started this yet.
What is most valuable?
Some of its reporting capabilities. Guardium does a great job of capturing data and having the ability of trying to pull it out and make sense of it. Using it for business applications is its biggest capability.
We use many of the advanced features. We are one of the more advanced Guardium clients, thus we use features, such as custom tables and the ability to import custom data. We have used some of the data discovery pieces before, along with the classification builder. Therefore, we are pretty strong power users in the product.
We have been looking into Guardium Big Data Intelligence and seeing if it makes sense for our organization.
What needs improvement?
Overall testing and quality need improvement. It is fairly buggy at times, so it feels like it could use additional staff on the product, testing and trying it out.
I would like to see a lot of additional reporting and analytics features. They have basic outlier detection, but I would love to see that go further, and model it after analytics tools like Splunk. If the product could integrate with Splunk, or mimic it, it would provide a lot of value.
What do I think about the stability of the solution?
Stability is average. There are frequently new issues with releases. As long as you stay a version or two behind, you are pretty stable. However, we have had some issues with patches breaking things unexpectedly in our environments.
What do I think about the scalability of the solution?
Scalability is very good. You could easily throw it onto a VM or add additional hardware. One central manager supports about a hundred managed units, so scalability is excellent.
How is customer service and technical support?
We frequently use technical support. We have some arrangements made with them, but our support is generally pretty good for smaller issues. For larger issues, we would like a bit more communication from them. Therefore, when there is a known product bugs, known fixes, or known issues, it would be great if they made those a little easier to find or published them at all. That would save us a lot of time and effort.
Which solutions did we use previously?
We invested in Guardium because of regulatory compliance issues. Guardium is the only product in the market that could meet these needs.
How was the initial setup?
I was not involved in the initial setup.
What was our ROI?
Guardium has not saved us time or money. Senior management is aware of this.
What's my experience with pricing, setup cost, and licensing?
If you are researching this type of solution, work with IBM.
Which other solutions did I evaluate?
What other advice do I have?
Most important criteria when selecting a vendor:
- The ability to meet requirements.
- Scalability and market share.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Mar 21 2018