Database Security » IBM Guardium » Version 8.2, 9.1, 9.5, 10.0, 10.1 » Review
Ibm

IBM Guardium Review
Provides database activity monitoring. Can discover databases on your network and find their vulnerabilities.

Valuable Features:

  • Monitors database activities of end users who are connected to databases (DBAs and developers)
  • Classifies critical objects on the databases
  • Discovers databases on your network
  • Finds vulnerabilities of your databases
  • Blocks critical activities

Improvements to My Organization:

  • Helps us define and monitor critical data in the environment, even when stored in RDBMS, big data, or unstructured files.
  • Helps us to pass compliance audits, such as like HIPAA, SOX, and PCI.

Room for Improvement:

The blocking and dynamic data masking features need improvement.

Use of Solution:

I am working as an IBM partner. We have provided solutions for nearly 50 customers for five years. Most of our customers are banks and telecoms.

Stability Issues:

IBM Security Guardium is a mature product. Although it needs agents on the server to monitor their database or file traffic, we did not encounter serious issues so far.

Technical Support:

IBM has three layers for Guardium support. In critical cases, technical support analyzes the issues very quickly to find a solution.

Previous Solutions:

I did not use another solution before this one.

Initial Setup:

The setup is straightforward. There is an ISO file that is developed by IBM that contains all of the OS and Guardium application files. All that remains to be done is to configure the post-installation settings.

Cost and Licensing Advice:

Licensing is the worst part of the product. This is because IBM uses Processor Value Units (PVUs) to calculate the license. The customers complain about this.

In the latest version of the product, there are four types of licenses:

  • DAM (Database Activity Monitoring)
  • DAM Advanced
  • FAM (File Activity Monitoring)
  • FAM Advanced

If you only need database activity monitoring, then DAM is enough.

If you need blocking and masking features, you will need the DAM Advanced license.

Other Solutions Considered:

I did not evaluate other options. I am an IBM partner.

Other Advice:

There are three main steps when implementing a Data Activity Monitor (DAM) solution.

  1. Discover and Classify: Find your databases in your environment, and decide which one of them has confidential data that you need to monitor. Classify your data in your database if it includes critical data like personal ID, credit card, or IMEI numbers.
  2. Monitor Activities: Monitor all end-user activities while developing your policy rules and critical activities.
  3. Block Critical Activities: Define and block critical activities to prevent data leakage.
Disclosure: My company has a business relationship with this vendor other than being a customer: I am an IBM partner.

0 Comments

Anonymous avatar x30
Guest

Have A Question About IBM Guardium?

Our experts can help. 228,876 professionals have used our research on 5,836 solutions.
Ask a question
Author
FREE REPORT!
Not sure which Database Security solution is right for you?

Download our free Database Security Report and find out what your peers are saying about Imperva, IBM, Oracle, and more!
Database security report from it central station 2017 09 09 thumbnail
Download Now
Why do you like it?
Sign in to see all reviews and comparisons. It's free!

By clicking Sign in with LinkedIn™ you agree to let IT Central Station use your LinkedIn profile and email address in accordance with our Privacy Policy and agree to the Terms of Service.
Sign Up with Email
  • Unlimited access to 10,000+ reviews from real users
  • Your own page to promote your professional skills
  • Networking events and peer-to-peer consultations
As seen in:

By registering, you agree to our Terms of Service and Privacy Policy.
  • Unlimited access to 10,000+ reviews from real users
  • Your own page to promote your professional skills
  • Networking events and peer-to-peer consultations
As seen in