IBM Guardium Review


What is most valuable?

Heterogeneous support for data activity monitoring. I have not been able to find any other product that can monitor as many platforms from one application. Guardium can monitor Windows servers, Linux, Unix, mainframe, and big data environments from one policy. Guardium captures data access activity across networks and local connections.

How has it helped my organization?

We now have one go-to application for all data monitoring. This has decreased the number of skills needed and enabled a faster route to compliance. Reporting is automated and activity alerts are routed to the appropriate responders.

What needs improvement?

While Guardium is great at structured monitoring (DAM), the product is lacking features on the file activity side (FAM). We would also like to see tighter integration with Active Directory and Exchange monitoring.

For how long have I used the solution?

I have been using Guardium for seven years.

What do I think about the stability of the solution?

We had some minor issues with earlier versions around agent compatibility. These were solved through support.

What do I think about the scalability of the solution?

Guardium scales easily. Simply add another collector appliance and the system will balance the load across all available appliances.

How is customer service and technical support?

IBM support has been responsive and we rarely need to escalate.

Which solutions did we use previously?

Previously, we were using homegrown scripts and native database tools. The issue with this approach is the need for expertise on every platform and ending up with dozens of tools to manage.

How was the initial setup?

Guardium is an enterprise-class product and, with that, does require some training. I would suggest that any enterprise looking to implement Guardium purchase some amount of services. There is an option for Quickstarts. Once you understand how the agents work and have set up the first few, the rest are relatively simple. The real work is aligning your business goals with the Guardium policies you create. We often know we need to monitor a system but are not exactly sure what policy is needed. There has to be collaboration between IT, business owners, and compliance.

What's my experience with pricing, setup cost, and licensing?

Previously, Guardium fell under the IBM PVU license model. This was complicated to license and costly. The new license structure is per server and includes all features. Now we simply count the number of servers to monitor and purchase accordingly.

Which other solutions did I evaluate?

Besides native database auditing, which is very resource intensive, and homegrown tools, there are not a lot of options out there. The closest competitor is Imperva. Imperva is a close second. We chose Guardium over Imperva based on the ability for greater custom reporting, more platform support, and better integration with other IT tools.

What other advice do I have?

Buy services. You do not need to have services for the entire implementation, but, at a minimum, invest in the Quickstart option to get up and running and to provide knowledge transfer. Once Guardium is installed on a few systems, it is very easy to add and manage.

Disclosure: My company has a business relationship with this vendor other than being a customer: My company sells, implements, and manages this product.
