- Monitors database activities of end users who are connected to databases (DBAs and developers)
- Classifies critical objects on the databases
- Discovers databases on your network
- Finds vulnerabilities of your databases
- Blocks critical activities
The blocking and dynamic data masking features need improvement.
I am working as an IBM partner. We have provided solutions for nearly 50 customers for five years. Most of our customers are banks and telecoms.
IBM Security Guardium is a mature product. Although it needs agents on the server to monitor their database or file traffic, we did not encounter serious issues so far.
IBM has three layers for Guardium support. In critical cases, technical support analyzes the issues very quickly to find a solution.
I did not use another solution before this one.
The setup is straightforward. There is an ISO file that is developed by IBM that contains all of the OS and Guardium application files. All that remains to be done is to configure the post-installation settings.
Licensing is the worst part of the product. This is because IBM uses Processor Value Units (PVUs) to calculate the license. The customers complain about this.
In the latest version of the product, there are four types of licenses:
If you only need database activity monitoring, then DAM is enough.
If you need blocking and masking features, you will need the DAM Advanced license.
I did not evaluate other options. I am an IBM partner.
There are three main steps when implementing a Data Activity Monitor (DAM) solution.