IBM Guardium Data Protection Review

Automates detection of access to restricted data across our multiple platforms


What is our primary use case?

It's a security product that works across multiple platforms, in our case it's the mainframe and the midrange. We use it to detect when somebody accesses restricted data and report on it.

So far it has performed quite well, we're happy with it.

How has it helped my organization?

We used to use cobbled-together scripts, different products and different pieces on different platforms. This is one consolidated tool so one report comes out for each director and it's clean and easy. There is some scripting involved to tell it what is important and what is not important - which is important to us.

In terms of security initiatives and compliance policies within our organization, that's basically what we use it for: the reporting of who touches what data. And that goes up to the directors and they approve or get mad at you and ask you why you did something.

IBM Guardium probably helps us comply with industry regulations like SOX, PCI, or GDPR, but the big driver was more internal and audit-related, rather than industry-related.

We haven't integrated Guardium with other systems we have.

It has saved us time and money. As I mentioned, we had a bunch of cobbled-together scripts that were manually maintained for different platforms. This solution automated all that and made it such that the security administrators can run it themselves and not involve us. So there is less "people effort." Senior management is aware of the savings.

What is most valuable?

It makes the auditors happy.

It does not require our involvement to run it. It runs in the background and the people that do the reporting do so. The reports go to the directors who are in charge of the various data areas. It's pretty clean. Clearly there is some setup, but after you get it set up it just goes.

I have no idea what the advanced features are, so we're probably not using them.

What needs improvement?

Lower pricing would always be good but apparently we're getting our money's worth or we wouldn't be using it.

What do I think about the stability of the solution?

I'm pretty impressed with the stability. There was medium-sized initial effort getting it configured and set up and doing what we wanted it to do, but it just runs and we don't have to deal with it.

What do I think about the scalability of the solution?

We run it on the mainframe and on the midrange platforms and we haven't had any performance issues of any kind. We haven't really had to scale it. We pick and choose what's important to us, so we don't monitor everything. If we were going to monitor everything it would probably be an issue, something we would have to address.

How is customer service and technical support?

I have not used tech support personally. We did have some support help at the beginning, learning it and getting it set up.

Which solutions did we use previously?

We were previously using homegrown scripts. We decided to switch primarily because this is a multi-platform solution that consolidates everything and centralizes support for it.

When selecting a vendor, we reviewed two other products, but the main reason was that this is a multi-platform solution and it worked well in our environment.

How was the initial setup?

I was not directly involved but I was involved somewhat since I had worked with some of the systems in the past, so maybe some requirements gathering.

The setup seemed pretty straightforward to me.

What other advice do I have?

We're very happy with it. It depends on what your needs are, but it meets our needs.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Add a Comment
Guest
Sign Up with Email