IBM Guardium Review
Reporting is automated and activity alerts are routed to the appropriate responders.

Valuable Features

Heterogeneous support for data activity monitoring. I have not been able to find any other product that can monitor as many platforms from one application. Guardium can monitor Windows servers, Linux, Unix, mainframe, and big data environments from one policy. Guardium captures data access activity across networks and local connections.

Improvements to My Organization

We now have one go-to application for all data monitoring. This has decreased the number of skills needed and enabled a faster route to compliance. Reporting is automated and activity alerts are routed to the appropriate responders.

Room for Improvement

While Guardium is great at structured monitoring (DAM), the product is lacking features on the file activity side (FAM). We would also like to see tighter integration with Active Directory and Exchange monitoring.

Use of Solution

I have been using Guardium for seven years.

Stability Issues

We had some minor issues with earlier versions around agent compatibility. These were solved through support.

Scalability Issues

Guardium scales easily. Simply add another collector appliance and the system will balance the load across all available appliances.

Customer Service and Technical Support

IBM support has been responsive and we rarely need to escalate.

Previous Solutions

Previously, we were using home grown scripts and native database tools. The issue with this approach is the need for expertise on every platform and ending up with dozens of tools to manage.

Initial Setup

Guardium is an enterprise class product and, with that, does require some training. I would suggest any enterprise looking to implement Guardium to purchase some amount of services. There is an option for Quickstarts. Once you understand how the agents work and have setup the first few, the rest are relatively simple. The real work is aligning your business goals with the Guardium policies you create. We often know we need to monitor a system but are not exactly sure what policy is needed. There has to be collaboration between IT, business owners, and compliance.

Pricing, Setup Cost and Licensing

Previously, Guardium fell under the IBM PVU license model. This was complicated to license and costly. The new license structure is per server and includes all features. Now we simply count the number of servers to monitor and purchase accordingly.

Other Solutions Considered

Besides native database auditing, which is very resource intensive, and homegrown tools, there are not a lot of options out there. The closest competitor is Imperva. Imperva is a close second. We chose Guardium over Imperva based on the ability for greater custom reporting, more platform support, and better integration with other IT tools.

Other Advice

Buy services. You do not need to have services for the entire implementation, but, at a minimum, invest in the Quickstart option to get up and running and to provide knowledge transfer. Once Guardium is installed on a few systems, it is very easy to add and manage.

Disclosure: My company has a business relationship with this vendor other than being a customer: My company sells, implements, and manages this product.

Add a Comment

Why do you like it?

Sign Up with Email