Most Helpful Review
Find out what your peers are saying about IBM Guardium Data Protection vs. IDERA SQL Compliance Manager and other solutions. Updated: November 2019.
384,147 professionals have used our research since 2012.
We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
It allows us to put in controls to make sure that only the right persons access the proper records in the database.
Audit Process Builder – Workflow generator to enhance audit tasks and compliance workflows.
Compliance Quick Start – Quick, GUI, step-by-step guide to automate compliance and give the customer a quick ROI.
The most valuable feature is using the capture operation mode “S-TAP/K-TAP agent”, because all activities in the database are captured, including direct access to the database server by privileged users. This is useful because, even if the database server logs were deleted, the Guardium Collector has already stored such data to enable traceability of access.
The possible number of databases and database servers which can be monitored by Guardium is high. For me, this is a differentiator of IBM.
Encryption is not straightforward, but Guardium made the setup easy for us.
Supports security initiatives and ensures compliance policies.
We now have the ability to begin to understand how people, applications, and service accounts are interacting with data to better protect it.
The tool can track logins and login failures. I made my own alert so that if there is a certain number of login failures for a server, it emails me. That is really useful. If I want logins to automatically lock out after a certain number of failed attempts, I can know when that happens.
The ability to track activity including the SQL statements is definitely valuable. I really like how the database is laid out. It's straightforward. I can query the back-end tables. I've made a few of my own email alerts based on the data and the tables. It's accessible.
The biggest complaint that I hear from customers and users is that using this solution requires database skills, yet it is a security and monitoring tool.
Needs easier integration with custom applications.
I have already mentioned to IBM that a primary need is to improve the number of records in the reports above 65,535.
It needs an integration with Optum.
It will not go as fast as you want.
Initial setup is very complex. Once you start interacting with people's databases, they get very hesitant. Then, the amount of social tasks to socialize the solution ensuring people are comfortable with it became a much heavier lift.
Initially it did not have support external applications like, say, Tableau, ServiceNow, Remedy, and the like. They have started growing into it, but I would like to have more and more integration with outside applications.
I am struggling getting through to social.
I submitted a ticket (last year) about archiving/grooming of old records because the GUI functionality was not working. Per their recommendation, I ended up using a command line to do it.
The set up is kind of clunky, in my opinion. It's not really intuitive. If they had either a smoother install or better instructions, that would be nice.
There is an agent that collects the data on SQL Server. Sometimes it will stop collecting. I'm not exactly sure what's happening but I have to go in and manually restart the agent. It would be nice if the central collection server could send a request to the agent to restart.
What would really a good thing is if you could refer to an external list or table for filtering on, say, certain applications, IP addresses, or host names; or perhaps even combinations of host name and application name.
Pricing and Cost Advice
One of the deployments that I know of had three databases, and the yearly fees are approximately $50,000 USD.
The price of Guardium is higher than the main competitor, Imperva. In addition, it's complex as the calculation of the licensing is done by Processor Value Unit (PVU). However, before purchasing a DAP solution, it is important to analyze specific points to evaluate the cost-benefit of each tool. For example: Does the environment to be monitored have mainframes? If so, it's a point for Guardium. If not, a point for Imperva. Note: IBM is looking into a new licensing policy and reducing the price of Guardium.
The biggest challenge is the cost associated with the product, and the cost of maintaining. Everything is not translated directly to the benefits we see. There are benefits, yes, but if I were writing the check, would I buy Guardium? No.
Guardium won mostly because of our scope and scale. It was able to perform at the scale that we wanted to use it.
If you are researching this type of solution, work with IBM.
Guardium has not saved us time or money.
I would suggest to review the type of data, need for security, and if the organizational structure needs the options IBM Guardium provides.
The product is cheaper than other products I checked but it is still a good idea to check again and compare.
I feel the product's pricing is a good value.
The pricing is pretty good.
It's a good price value... The other tools weren't cheaper.
out of 17 in Database Security
Average Words per Review
out of 17 in Database Security
Average Words per Review
Compared 45% of the time.
Compared 22% of the time.
Compared 8% of the time.
Compared 56% of the time.
Compared 26% of the time.
Compared 10% of the time.
Also Known As
|InfoSphere Guardium, Guardium, IBM Guardium||IDERA SQL CM|
The IBM Security Guardium portfolio empowers organizations to grow their business and prove compliance with smarter data protection capabilities. It provides complete visibility, actionable insights, real time controls and automated compliance workflows throughout the entire data protection journey, to support your most critical data protection needs.
IBM Security Guardium delivers discovery & classification, vulnerability & risk assessments, real-time monitoring & alerting, encryption, advanced analytics and compliance reporting across structured, unstructured, and semi-structured data in on-prem (including mainframe), cloud, and across hybrid cloud environments.
IDERA SQL Compliance Manager is a comprehensive auditing solution that uses policy-based algorithms to track changes to your Microsoft SQL Server objects and data. SQL Compliance Manager gives you detailed visibility to determine who did “what”, “when”, “where”, and “how”, whether the event is initiated by privileged users or hackers. SQL Compliance Manager also helps ensure compliance with regulatory and data security requirements such as SOX, PCI DSS, GDPR, HIPAA, and more. SQL Compliance Manager goes beyond traditional auditing approaches by providing real-time monitoring, alerting, and auditing of all data access, selects, updates, schema modifications and permission changes to SQL Server databases.
Learn more about IBM Guardium Data Protection
Learn more about IDERA SQL Compliance Manager
|Hanger; AmerisourceBergen, CMS Energy, Manulife Financial, Patterson Companies, Pfizer, Rockwell Automation, TrialCard, Unum, Verizon Communications|
Financial Services Firm48%
Software R&D Company23%
Financial Services Firm14%
Comms Service Provider9%
No Data Available
No Data Available