We just raised a $30M Series A: Read our story

IBM Guardium Data Protection OverviewUNIXBusinessApplication

IBM Guardium Data Protection is the #1 ranked solution in our list of top Database Security tools. It is most often compared to Imperva SecureSphere Database Security: IBM Guardium Data Protection vs Imperva SecureSphere Database Security

What is IBM Guardium Data Protection?

The IBM Security Guardium portfolio empowers organizations to grow their business and prove compliance with smarter data protection capabilities. It provides complete visibility, actionable insights, real time controls and automated compliance workflows throughout the entire data protection journey, to support your most critical data protection needs.

IBM Security Guardium delivers discovery & classification, vulnerability & risk assessments, real-time monitoring & alerting, encryption, advanced analytics and compliance reporting across structured, unstructured, and semi-structured data in on-prem (including mainframe), cloud, and across hybrid cloud environments.

IBM Guardium Data Protection is also known as InfoSphere Guardium, Guardium, IBM Guardium.

IBM Guardium Data Protection Buyer's Guide

Download the IBM Guardium Data Protection Buyer's Guide including reviews and more. Updated: October 2021

IBM Guardium Data Protection Customers


IBM Guardium Data Protection Video

Archived IBM Guardium Data Protection Reviews (more than two years old)

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
MN
Trusted Security Advisor at a tech services company with 501-1,000 employees
Real User
Proven record of preventing unauthorized access and modifications to our customer's data

Pros and Cons

  • "It allows us to put in controls to make sure that only the right persons access the proper records in the database."
  • "The biggest complaint that I hear from customers and users is that using this solution requires database skills, yet it is a security and monitoring tool."

What is our primary use case?

This solution is for database security and protecting the core of the data. It allows us to put in controls to make sure that only the right persons access the proper records in the database. It prevents unauthorized access.

For example, a customer may want to restrict the database so that it is accessible only from within a specific application. This means that the database administrator will not be able to access the data from outside of the application, as is normally allowed by their administrative rights. It can prevent the administrator from seeing or modifying any data for which they are not allowed to do so.

It is also possible to set specific permissions, such as restrictions on the field, table, or record level of the database. Only people with explicit permissions can view or modify the data.

How has it helped my organization?

One of our clients is a passport authority, and they were able to successfully apply this solution to detect corruption within their organization. There had been some employees who had been illegally changing the status of some residents in return for money. Once this solution was deployed, they detected that somebody was making those changes in the database, caught the people, and stopped it from happening again. It was a big finding.

What is most valuable?

This solution has a lot of functionality and there are hundreds of use cases for it. We are talking about the database, which is the main business core for the company that holds all of the data. The features used by any one customer are dependent on their requirements and the relevant regulations.

That said, IBM Guardium has a lot of capabilities, even compared to other solutions on the market. It can do everything from detection to prevention, and it provides reports about this as well.

What needs improvement?

The biggest complaint that I hear from customers and users is that using this solution requires database skills, yet it is a security and monitoring tool. Specifically, it is a tool that is used for monitoring the database administrator. The database expert will not want you to implement control on top of him, so you instead need to utilize a person from security. However, security people do not have a complete set of database skills. So, there is always a gap in the administration and the person who is going to manage this tool. As such, the person using this tool feels that it is complicated, doesn't know where to go and what to do.

I have heard that the latest version has better support, with better access, and a better GUI that is easier to use than before. At the same time, this is still one of the main concerns that I always hear from the customers.

The second most common complaint that I hear is in regards to the support from IBM. Some of the cases are open for a very long time because they do not have local engineers to come and look at the issues. In our region, my company is providing 24/7 support to help close these gaps. This has strengthened our presence in the market, but in other regions, this is still a complaint that customers have.

For how long have I used the solution?

More than six years.

What do I think about the stability of the solution?

The feedback that I have heard from customers, and my team, is that the solution is very stable. It does not require a lot of things after it is set up for the first time. Once it is fine-tuned, you do not need to do much other than generate and show reports.

At the same time, I do still hear complaints directly from customers about stability. Specifically, it has to do with making changes. If there is an S-TAP agent installed on the service then sometimes the configuration needs to be changed. This might be by adding a new rule or policy. After this, the server needs to be restarted. It is impossible to frequently stop and restart a service when it is in production.

My team justifies this by saying that it only happens infrequently, at a rate of perhaps once a year. However, the customers still see it as a very difficult task that makes their lives tough. Other than this, I have not heard any complaints about stability.

What do I think about the scalability of the solution?

This is a highly scalable solution, but it requires a lot of resources.

For example, I know of a big bank that has been a long-time user of this solution, but they were looking to replace it because they need forty-four Guardium severs in order to monitor their entire database farm. They feel that this is too much and will cost a lot. They do not have a new solution at the moment, although they are looking at other options.

Before this solution existed, people did not have really have anything in place. It was a new concept and it became critical when people came to understand database risks. In 2011 or 2012, many banks started to use Guardium, and since then, it has been spreading to other sectors such as government, transportation, and healthcare.

How are customer service and technical support?

The complaints that we have heard are about IBM support in general and are not specific to the Guardium solution. There are gaps because they do not offer local support in every region. 

Which solution did I use previously and why did I switch?

I cannot recall an instance where a customer switched to this solution from another one that they already had in place.

We have been assisting people with migrating from earlier versions to the current version.

How was the initial setup?

The installation of the database, itself, is very easy and straightforward. 

The initial setup involves configuring the database connection with Guardium so that it monitors it correctly. It also depends whether you want to deploy the protection method or not, which means that you need to deploy the S-TAP agent on the service where the database resides.

Beyond that, most of the configuration is in the policy, itself. This changes based on what you would like to monitor, what you want to prevent, and what kind of queries you want to block. For me, fine-tuning the policy is one of the most important elements of the implementation. It also depends on the customer's knowledge, and whether the customer knows exactly what he needs. Some customers want you to not only deploy the system but also to create the policy. You have to translate their internal policy into a configuration, which can really take a long time.

When you deploy using the basic implementation, it is usually only a week or two before you get complaints from the customer. They don't see the value in the solution because they are overwhelmed. So, fine-tuning the policy takes time, and it should be taken very seriously and with care.

If the customer knows exactly what he needs then the deployment can be done in two weeks.

In terms of maintenance, it does not require a staff member full time. One person can dedicate perhaps three hours a day for monitoring, reporting, and doing a health check of the system. We sometimes offer visits to customer sites daily or weekly. For example, we can assist the customer for two hours per week to monitor the system and ensure that everything is working properly. It really doesn't require much work.

What about the implementation team?

Because we are a distributor, we work between the partner and the vendor. When it comes to implementation, we can either assist the partner or work with the customer directly, based on what the customer wants.

Our Guardian expert is dedicated to that product, and will either visit the customer to perform the implementation himself, or he will align with a partner and they will go together. Most of the implementations are handled by ourselves.

What was our ROI?

I have not specifically calculated the ROI for any of our customers. However, I have shown them general ROI. For example, one incident of losing one record, either by mistake or intentionally by one of the admins, will cost you a certain amount. Moreover, it is important to consider how much you will pay to not have this happen again. These types of losses in the database may be critical data and can affect the company's reputation.

In general, deploying this solution will cost very little compared to the cost of losing data.

What's my experience with pricing, setup cost, and licensing?

In the past, the pricing of IBM Guardium was very complex. It was dependent on the number of CPUs and other things to support the servers. Nowadays, things have changed. Pricing is dependent on the number of databases and the number of servers.

The licensing fees are paid yearly. One of the deployments that I know of had three databases, and the yearly fees are approximately $50,000 USD.

There are some additional add-ons that are available, but I do not see many people taking them. There is encryption, and there is a Guardium Inspection license, but I am not sure of the costs.

Which other solutions did I evaluate?

The main competitor in the market is Imperva. They were originally not allowed in the Kingdom because of their country of origin, but they now have a local Saudi team. Some customers were approached by Imperva and did not know of Guardium, and simply went with that solution.

There is also a phenomenon in the market that is quite common when a new technology comes from the outside. Even if people don't have the full picture or details about the existing one, they feel that it is "old". Everybody has it, and they need something new. Because of this, we see a lot of people making the choice to go with Imperva. 

What other advice do I have?

When it comes to implementing this solution, it is important for people to know exactly what they need to do. This includes what they need to monitor, what they need to protect, and what kinds of queries they want to prevent. They shouldn't rely on having this tool teach them what they need to do.

Next, people need to make sure that they are getting proper support. This can be from the vendor, by having an advanced SLA for example, or a strong local partner to help them. If they have any trouble, especially something urgent, then they want to have this support in place.

The third thing is to have somebody who is trained to take care of the system. Assuming that it is easy and that anybody can handle it will be the start of a larger problem. It will not seem too much at the beginning, but after a year they will be unhappy with the product.

It is important to recognize that there are several milestones for any Guardium project. Our consultant, for example, is an expert in that domain. He usually submits a project plan showing the implementation stages for the project. There are prerequisites that have to be put in place and verified, then Guardium deployed on the server. This can be either a physical or virtual server. Then the database configuration begins, which is followed by the fine-tuning phase. Finally, all of the appropriate documentation for these aspects has to be compiled. The length of time required for all of this depends on the requirements.

I would rate this solution an eight out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
EW
‎IT Security Analyst at a tech services company with 11-50 employees
Real User
Audit Process Builder enhances audit tasks and compliance workflows

What is our primary use case?

As a registered IBM Business Partner, our main interaction is to deploy Guardium at client sites.

What is most valuable?

Audit Process Builder – Workflow generator to enhance audit tasks and compliance workflows. Compliance Quick Start – Quick, GUI, step-by-step guide to automate compliance and give the customer a quick ROI.

What needs improvement?

Needs easier integration with custom applications.

For how long have I used the solution?

Three to five years.

What other advice do I have?

I would give the product a score of eight out of 10. This is due to its deep level of granularity and guided process/audit workflow generation.

What is our primary use case?

As a registered IBM Business Partner, our main interaction is to deploy Guardium at client sites.

What is most valuable?

  • Audit Process Builder – Workflow generator to enhance audit tasks and compliance workflows.
  • Compliance Quick Start – Quick, GUI, step-by-step guide to automate compliance and give the customer a quick ROI.

What needs improvement?

Needs easier integration with custom applications.

For how long have I used the solution?

Three to five years.

What other advice do I have?

I would give the product a score of eight out of 10. This is due to its deep level of granularity and guided process/audit workflow generation.

Disclosure: My company has a business relationship with this vendor other than being a customer: IBM Business Partner.
Learn what your peers think about IBM Guardium Data Protection. Get advice and tips from experienced pros sharing their opinions. Updated: October 2021.
540,984 professionals have used our research since 2012.
Sidney Monteiro
Information Security Analyst at a tech services company with 501-1,000 employees
Real User
Top 20
Capture mode collects all activity and Collector stores the data for traceability

Pros and Cons

  • "The most valuable feature is using the capture operation mode “S-TAP/K-TAP agent”, because all activities in the database are captured, including direct access to the database server by privileged users. This is useful because, even if the database server logs were deleted, the Guardium Collector has already stored such data to enable traceability of access."
  • "The possible number of databases and database servers which can be monitored by Guardium is high. For me, this is a differentiator of IBM."
  • "I have already mentioned to IBM that a primary need is to improve the number of records in the reports above 65,535."

What is our primary use case?

Guardium is used based on our Manual of Internal Procedures (MPI), and its uses range from creating a rule to generating customized reports. The main use case is the procedure "Investigate Incidents Recorded by Unauthorized Access," with action "notify by electronic message the manager and/or leader of the area."

How has it helped my organization?

Improved security through the visibility and control of all access to the databases.

What is most valuable?

The most valuable feature is using the capture operation mode “S-TAP/K-TAP agent”, because all activities in the database are captured, including direct access to the database server by privileged users. This is useful because, even if the database server logs were deleted, the Guardium Collector has already stored such data to enable traceability of access.

What needs improvement?

I have already mentioned to IBM that a primary need is to improve the number of records in the reports above 65,535.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

Depending on the policy and rules applied, there is a need to increase the minimum requirements (RAM and storage - HD) for better operation and not to experience hardware slowdowns due to the high flow of traffic. IBM brings the "minimums" and "recommendation." From experience in versions 9x and 10x, when installing Guardium, it's important to verify the "recommendation" requirements of IBM for stability. It is worth mentioning that the requirements (minimums or recommendation) are different for Collector and aggregator.

What do I think about the scalability of the solution?

The two major Database Audit and Protection (DAP) solutions are IBM Guardium and Imperva SecureSphere. There are two modes of operation of these solutions: remote agent and sniffer (out-of-band). I recommended using the remote agent to obtain direct access captures on servers. 

Note that in non-mainframe environments, both solutions are scalable. For the mainframe environment, Guardium has updated installation agents with the latest kernels and releases. This makes a big difference in companies with mainframes, so it is necessary to keep the technology pack updated.

Regardless of the mode of operation, when increasing the number of servers monitored it is important to re-evaluate or perform new sizing. The possible number of databases and database servers which can be monitored by Guardium is high. For me, this is a differentiator of IBM.

How are customer service and technical support?

On a "bad, good, and excellent" scale, I rate it as good.

Which solution did I use previously and why did I switch?

Initially, there were two solutions to be evaluated: Oracle and Imperva. Oracle DAP was not evaluated because it does not monitor Linux or Windows Server-only environments. 

I evaluated Imperva and got good results. However, there is a delay by Imperva in creating updated agents for Linux and Unix, including for mainframe. For me, this is a problem because it is necessary to always keep the environment up to date. If you update the kernel or release of mainframes and do not have the agent upgraded, the DAP will not monitor.

How was the initial setup?

For those who do not have experience, it is complex. There are several configurations to be made, from the configuration of NTP, IP, Mask, registration of the Collectors in the Central Manager, integration with other tools like storage (backup), LDAP, SIEM, through to the application of the policies and customized rules. Note: There are some pre-set rules that can also be customized.

What's my experience with pricing, setup cost, and licensing?

The price of Guardium is higher than the main competitor, Imperva. In addition, it's complex as the calculation of the licensing is done by Processor Value Unit (PVU).

However, before purchasing a DAP solution, it is important to analyze specific points to evaluate the cost-benefit of each tool. For example: Does the environment to be monitored have mainframes? If so, it's a point for Guardium. If not, a point for Imperva. Note: IBM is looking into a new licensing policy and reducing the price of Guardium.

What other advice do I have?

  1. Read important articles related to DAP such as the "2017 Planning Guide for Security and Risk Management."
  2. Gather information from the servers (operating system with version and database types with the versions) of the environment to be monitored.
  3. Check which DAP solutions can monitor the environment.
  4. List the “mandatory requirements” and “non-mandatory requirements.” It is important to have in mind which points will be evaluated.
  5. Request PoCs with the main DAP manufacturers (IBM, Imperva, and Oracle).
  6. Do the sizing with the topology to get an idea of the requirements and cost of the project.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
it_user841920
Business Development Manager at a tech services company with 10,001+ employees
Reseller
It made the setup easy for us

Pros and Cons

  • "Encryption is not straightforward, but Guardium made the setup easy for us."
  • "It needs an integration with Optum."

What is our primary use case?

Database encryption.

What is most valuable?

  • Encryption
  • Data activity monitoring
  • It has a set of modules.
  • I compliment with Optum for a data masking solution.

What needs improvement?

An integration with Optum. Optum is another solution, but it is a segmenting software, portfolio not security. However, I am selling them together as one solution, Guardium and Optum.

For how long have I used the solution?

Less than one year.

How are customer service and technical support?

I am dependent on my team for support of this product.

Which solution did I use previously and why did I switch?

My main solution was Micro Focus voltage data encryption solution, but it was too complicated. 

How was the initial setup?

Encryption is not straightforward, but Guardium made the setup easy for us.

What other advice do I have?

Most important criteria when choosing to partner with a company: I started working with IBM only one year back. When I started a partnership with them, IBM had the security portfolio which covered most of the region where my customers were. IBM has a name with the support along the quality of its products.

Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller.
it_user844488
Security Analyst at a insurance company with 1,001-5,000 employees
Real User
Supports security initiatives and ensures compliance policies, but ​It will not work as fast as you want

Pros and Cons

  • "Supports security initiatives and ensures compliance policies."
  • "We now have the ability to begin to understand how people, applications, and service accounts are interacting with data to better protect it."
  • "​It will not go as fast as you want. ​"
  • "Initial setup is very complex. Once you start interacting with people's databases, they get very hesitant. Then, the amount of social tasks to socialize the solution ensuring people are comfortable with it became a much heavier lift."

What is our primary use case?

Database activity management to ensure compliance audit regulations. It is also to manage risk. It is performing well, but we have a large journey to go.

How has it helped my organization?

Previously, we had no monitoring for our databases. Now, we have the ability to  begin to understand how people, applications, and service accounts are interacting with data to better protect it.

We use IBM Guardium to support security initiatives and compliance policies.

We have integrated IBM Guardium with QRadar.

What is most valuable?

Being able to go back to see what people are touching, and when they are touching it, then look at the risk of who is touching what and how they are touching the data. This will give us a better understanding of how people interact with our data. 

We do not use many of the advance features, but we will soon. We are looking at Sensitive Data and User Behavior Analytics.

What needs improvement?

It will not go as fast as you want. 

What do I think about the stability of the solution?

We are about 50 to 60 percent there. A lot of that has to do with us implementing it a little better, and redesigning what we thought would be their protection. We need to do a bit more efficient architecture, as some things are coming down the pipeline for the roadmap of the product.

What do I think about the scalability of the solution?

The scalability is not an issue, though it is not the easiest thing to scale. However, I seen the coming roadmap, where the scalability will be easier.

How is customer service and technical support?

I would rate technical support as fair. Unfortunately, it takes time to figure out an answer to our issues, because they are unique, not just a standard answer.

How was the initial setup?

It is very complex.

Pushing agents and tabs seems pretty standard from a technical perspective. Once you start interacting with people's databases, they get very hesitant. Then, the amount of social tasks to socialize the solution ensuring people are comfortable with it became a much heavier lift.

What other advice do I have?

There are a lot of things that could be better, but it is performing pretty well.

Take your time and learn each step. Make sure that you understand each step, because if you miss something, it will come back. Then, you have to circle back and figure it out anyway.

Most important criteria when selecting a vendor:

  • Price
  • Support
  • Reliability in the marketplace
  • Integration with other systems.
Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
it_user841977
Sr. Security Engineer
Real User
Saves us time monitoring and protecting a vast environment

Pros and Cons

  • "The solution has definitely saved us time, because if you want to monitor this kind of vast environment of different products, it's going to take a lot of time. Let's say one database server has 100 database instances running on it; I don't need to install 100 data instances, I just need to install on the one database server and that will cover all of my instances on that particular database."
  • "Initially it did not have support external applications like, say, Tableau, ServiceNow, Remedy, and the like. They have started growing into it, but I would like to have more and more integration with outside applications."

What is our primary use case?

We are monitoring about 1500 or more applications, we have 150 million customers and their PHI/PII data in the repository. We have to protect that data. That is a big challenge because it's a vast environment that we have to protect. That is one of the prime use cases which caused us to select this product.

Initially, we had some challenges, but as we talked with IBM and they provided some good support on it, now we are evolving pretty well. Certainly, everything is not perfect yet, but we are moving into that direction. We are far better than we were two years back.

How has it helped my organization?

We use Guardium to support security initiatives and compliance policies within the organization. For example, an audit comes in once every three months or six months. In that case they ask specific questions and they say, "Hey, just check the box if you are doing this stuff or not," and we are providing them all the evidence that we have collected through Guardium.

It helps comply with industry regulations. It's basically the same thing. If somebody wants to know if we are protecting their data or not and, if yes, how? And they ask us to present the definitions of what we are doing, we just go and get the reports that are required. Let's say for a particular application, it says "This database was down last night, who did it, and how?" we provide all that kind of information.

The solution has definitely saved us time, because if you want to monitor this kind of vast environment of different products, it's going to take a lot of time. Let's say one database server has 100 database instances running on it; I don't need to install 100 data instances, I just need to install on the one database server and that will cover all of my instances on that particular database. 

In terms of saving money, today, if you want to monitor and protect your environment, you have to spend money. So, that's not a question.

What is most valuable?

In terms of advanced features, we are using the Database Activity Monitoring and the Vulnerability Assessment as well. Now we are thinking of using the GDPR because that's going to be a compliance as well. So some but not all of them.

What needs improvement?

Initially it did not have support external applications like, say, Tableau, ServiceNow, Remedy, and the like. They have started growing into it, but I would like to have more and more integration with outside applications. So that, let's say my one of my application owners has Tableau and wants to directly report on that; if I can just pick and see that report with one click, that would help.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

It's stable. When I used this product back in 2007 it was challenging, but now it's it's stable.

What do I think about the scalability of the solution?

The scalability is not that easy to use because, you need a lot of knowledge about it, on data security; basically you need to know where your sensitive data is. We tried to use Guardium for that, to find out with the Discovery feature, but it didn't work, because we had a lot of irregular data. We found it ourselves, but Guardium is protecting it; so that's good for us.

How is customer service and technical support?

I would say eight and a half out of 10. I've been in this Guardium stuff for the last 10 to 11 years. I have worked with IBM throughout that time. It has improved, but still it is eight and a half out of 10.

How was the initial setup?

It was pretty straightforward.

What other advice do I have?

I would definitely recommend it. It's easy to use and it can save a lot of headaches, by just implementing it and being able to ask at the time of audit. When it comes to audits, every company wants to be safe.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
it_user844479
People Leader Of Cyber Strategy And Solutions at a insurance company with 10,001+ employees
Real User
We use it to create smarter controls for monitoring data

Pros and Cons

  • "Its ability to find data."
  • "We are using it to do a lot of data discovery from a data classification for structured data."
  • "The tech support is very knowledgeable."
  • "I am struggling getting through to social."

What is our primary use case?

Database monitoring. At the moment, we are using it to do a lot of data discovery from a data classification for structured data.

What is most valuable?

Its ability to find data. Once I find data, I can leverage it to perform specific select statements against PII data and do smarter controls rather than monitoring the entire database. 

What needs improvement?

My only negative thing on Guardium would be it is too smart. I am struggling getting through to social. In an ideal world, I would be able to populate every US zip code and have Guardium find the number, then identify it as a zip code. Right now, I have to pull it down and compare it.

For how long have I used the solution?

Less than one year.

What do I think about the stability of the solution?

It is a stable product. We just finished upgrading to version 10, and had no issues with the upgrade. We are excited about working with the newest version.

What do I think about the scalability of the solution?

It should meet our need going forward as it is a huge product. We have scanned 7000 SQL databases and 1500 Oracle Databases.

How is customer service and technical support?

We have a strong partnership with IBM. Their tech support is very knowledgeable.

How was the initial setup?

The initial setup was before me.

We are doing what we call a reboot of the product. We are calling it the Guardium reboot project. We are starting back with the classifications to understand what controls we are implementing, thus stepping back to step forward. We are doing this because in the beginning we moved forward by getting everything monitored without being smart about what data was monitored.

What about the implementation team?

We implemented the most recent upgrade in-house.

What other advice do I have?

Most important criteria when selecting a vendor: At the end of the day, it would have to be the support and relationship. There are a lot of smart people out there building products which do things. However, not everyone can use them, and without having someone to call, it is sort of its own disadvantage. 

Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
ITCS user
-- at a tech services company with 51-200 employees
Consultant
Provides regulatory compliance proof and evidence for audit

Pros and Cons

  • "The ability to collect the data without database administers being able to modify it."
  • "It provides us regulatory compliance proof and evidence for audit."
  • "Performance and the ability to use resources could be improved."
  • "The ability for Central Managers to talk to one another could be improved. I have 26 Central Managers and 26 silos which are independent."

What is our primary use case?

  • Database access monitoring
  • Vulnerability assessment
  • PCI compliance
  • SOX compliance
  • GDPR compliance 

How has it helped my organization?

  • It provides us regulatory compliance proof and evidence for audit. 
  • It allows us to find bad actors. 
  • It allows us to find people who are doing stupid things, and do it without the intervention and loss of data integrity of the people that we are monitoring manipulating the data.

We have integrate IBM Guardium with ArcSight and Splunk.

What is most valuable?

The ability to collect the data without database administrators being able to modify it.

What needs improvement?

  • There are some GUI improvements that I have provided to development already.
  • Performance and the ability to use resources could be improved. 
  • The ability for Central Managers to talk to one another could be improved. I have 26 Central Managers and 26 silos which are independent.
  • Some of the data handling or data recording could be improved. We are doing it with external software, components, etc. 

For how long have I used the solution?

More than five years.

What do I think about the stability of the solution?

For the most part, it is stable. Depends on the year.

What do I think about the scalability of the solution?

It has scaled. It was pulling teeth, but it does scale. 

We taught IBM about the limits of the product. They did not think there were limits to the product. There were, because we do very extensive testing of performance. We can tell you when a product is going to break. Their development thought this was valuable because they do not have the facilities to do this sort of extensive testing.

How is customer service and technical support?

Technical support is very knowledgeable now. 

At one time, they were horrible since they were blue washed. After the blue wash and a couple of years on the honeymoon, then they have gotten considerably better. They have had problems understanding that they do not know as much about the company's environment as the employee does. This will result in them downgrading tickets, and they will just do it on the fly. This is not a good thing because they do not understand the issue. This may not look like a sub 1 ticket to IBM support, but it is.

Which other solutions did I evaluate?

We went in and tested it. We continually test everything that is in the industry. Guardium has significantly gone past the mark of acceptable every single time, as compared to their other competitors.

What other advice do I have?

Overall, it is a very solid product. 

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
it_user844467
VP Systems Engg at a financial services firm with 10,001+ employees
Real User
Heuristic network traffic analysis enables us to implement rule-based algorithms

Pros and Cons

  • "It has been very difficult to analyze all the network traffic with something else. Guardium provides that feature, it's heuristic. So we have rule-based algorithms in place to take care of that."
  • "There are features like end-to-end and S-TAP mapping, and the ability to install policies for your configuration builder. They're not there, but we'd like to see them in the next version."

What is our primary use case?

Database activity monitoring.

It performs its job quite well.

How has it helped my organization?

We use Guardium to support security initiatives and compliance policies such as  APCI, SOX, GDPR, pretty much everything.

We are in the process of integrating Guardium with a couple of systems including IDSM.

It does save us time and money. I can't quantify it in terms of money, but it has been very difficult to analyze all the network traffic somewhere else. Guardium provides that feature, it's heuristic. So we have rule-based algorithms in place to take care of that.

What is most valuable?

The ability to do its job properly, database activity monitoring for insider threat. That's primarily why we use it and it does a good job.

Among the advanced features, we use Vulnerability Assessments. We are in the process of using Discovery Classification as well.

What needs improvement?

We have made a list of RFIs. There are features like end-to-end and S-TAP mapping, and the ability to install policies for your configuration builder. They're not there, but we'd like to see them in the next version.

What do I think about the stability of the solution?

Stability has improved with the newer versions.

What do I think about the scalability of the solution?

It scales well. The newer versions scale very well compared to the earlier versions.

How is customer service and technical support?

They're brilliant. 

How was the initial setup?

I was not involved in the initial setup, my manager was. But I have been involved with the latest versions. Initially, from 32-bit to 64-bit was a nightmare, but the latest 64-bit versions are pretty straightforward.

What other advice do I have?

When selecting a vendor, what's important for us is 

  • how quickly they can provide customer support
  • scalability
  • reliability
  • dependency.

Overall, I'd rate it at eight out of 10. It could be a 10, however there are few features, like the ones I mentioned, that are still a work in progress.

Regarding advice to a colleague, determine what your business needs are. If your business needs are similar to the ones Guardium solves then you should go for it. The implementation is seamless, the requirements are straightforward, and it's easy to use the product.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
it_user842901
Data Architect at a transportation company with 1,001-5,000 employees
Real User
Makes database monitoring more visible to the business, helps with GDPR/SOX compliance

Pros and Cons

  • "It's made database monitoring more visible to the business, creating more conversations about how we should do it better."
  • "Needs nore cloud support."
  • "We've had some issues recently that we're working through, on the agent software that runs on the databases."
  • "Setup can be complex. The documentation is in so many different locations, and a lot of times we have to leverage support and higher level resources to figure out the right steps to take."

What is our primary use case?

Database activity monitoring.

Its performance is good, most of the time.

How has it helped my organization?

The benefit is that it's made database monitoring more visible to the business, creating more conversations about how we should do it better. So it's increased the visibility and discussion.

It also helps us with GDPR and SOX compliance and just looking at specific policies around; protecting sensitive data. 

We haven't integrated it with other systems we use.

In terms of saving us time and money, I'm not sure if Guardium does. I know we spend more time and money to cover monitoring, this is something we didn't do before, so I think it's more about the capabilities it's given us.

What is most valuable?

The architecture and the robustness of the data it produces.

Regarding advanced features, I'm using enforcement in the policies. In the future I would like to do more classification. 

What needs improvement?

More cloud support. 

What do I think about the stability of the solution?

For the most part, it's pretty stable. We've had some issues recently that we're working through, on the agent software that runs on the databases.

What do I think about the scalability of the solution?

The scalability is good.

How is customer service and technical support?

I would say tech support is about a seven out of 10.

How was the initial setup?

It can be complex. The documentation is in so many different locations, and a lot of times we have to leverage support and higher level resources to figure out the right steps to take.

What other advice do I have?

Our most important criteria when selecting a vendor are stability and architecture.

I rate this solution a nine out of 10 because there are a few things I'm working through that I would like to see improved, mostly around the stability on the agent software side, working with the database vendors.

Regarding advice, I would recommend you use it and that you try to leverage IBM's support and services as much as possible to help get through the initial installation and configuration.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
it_user842892
Cyber Security Architect at a tech services company with 11-50 employees
Real User
Our clients use Accelerators to help with PCI and GDPR compliance

Pros and Cons

  • "We have integrated IBM Guardium​ with IBM Watson Curator. They access Curator to identify and correlate other actions the user is doing to determine if this is a legitimate action or not."

    What is our primary use case?

    We have implemented it on an industrial network to monitor the production of medicines. This is something that is very controlled by Brazilian regulations and we have to keep an audit trail for this data. Trying to enable it on SQL Server - that was our client's main server - the load would go so high that they couldn't use the application anymore. They are using Guardium now so they can produce that audit trail for audit compliance.

    How has it helped my organization?

    We have integrated IBM Guardium with IBM Watson Curator. They access Curator to identify and correlate other actions the user is doing to determine if this is a legitimate action or not.

    In terms of advanced features, our clients are starting to implement it on an order basis so they can get to GDPR and the like; those Accelerators. They also use it a lot for PCI, to get access to credit cards.

    Guardium has saved us time and money, mainly on the discovery process and senior management is aware of this, of course.

    What is most valuable?

    The Audit Trail.

    What needs improvement?

    They could improve the Data Masking a little.

    What do I think about the stability of the solution?

    Stability is quite good. We had some problems, but support is very effective so we were able to solve them very quickly.

    We had instability with reports, they were giving some errors. I don't know exactly what had happened because I wasn't the one involved, but we couldn't access reports.

    How are customer service and technical support?

    Tech support is very good.

    Which solution did I use previously and why did I switch?

    We knew we needed to switch because of that problem with the audit trail, that SQL couldn't keep up with what we needed to do for auditing. That's why we had to search for a new solution.

    How was the initial setup?

    It's very easy.

    What other advice do I have?

    I would rate it an eight out of 10 because it is very stable; we had some problems but they were solved, and we can do what we need to do.

    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
    it_user844485
    President at a tech vendor with 1-10 employees
    Real User
    Helps us support security initiatives and compliance policies like HIPAA and PCI

    Pros and Cons

    • "It provides a comprehensive security for databases, both on-prem and on the cloud. Among the advanced features we use automatic backups, DR."
    • "More predictive, using Watson AI would be good."

    What is our primary use case?

    To provide cyber security for databases.

    It has performed very well.

    How has it helped my organization?

    It has made us more responsive and more productive, more efficient.

    We use Guardium to support security initiatives and compliance policies. We are in the healthcare world, so it helps us with HIPAA compliance. It has also helped us with PCI. We haven't gone with GDPR.

    We have not yet integrated Guardium with other systems we use.

    It has saved us time and money by definitely making us more productive. Senior management is aware of this.

    What is most valuable?

    It provides a comprehensive security for databases, both on-prem and on the cloud.

    Among the advanced features we use automatic backups, DR. We'd like to implement more predictive, using Watson.

    What needs improvement?

    More predictive, using Watson AI would be good.

    What do I think about the stability of the solution?

    It's very stable.

    What do I think about the scalability of the solution?

    It's scalable.

    How are customer service and technical support?

    We sometimes use technical support from IBM. It has been good, very good.

    Which solution did I use previously and why did I switch?

    We were using traditional cyber security stuff. But this is a pretty good product. We became an IBM business partner, we are a cyber security business partner for IBM. We have other products besides Guardium that we are marketing.

    The most important criteria when selecting a vendor are their

    • stability
    • quality
    • support.

    How was the initial setup?

    It was straightforward.

    What other advice do I have?

    Buy it.

    Disclosure: My company has a business relationship with this vendor other than being a customer: IBM Business Partner.
    it_user842865
    Database Administrator at a financial services firm with 11-50 employees
    Real User
    Automates detection of access to restricted data across our multiple platforms

    Pros and Cons

    • "It does not require our involvement to run it. It runs in the background and the people that do the reporting do so. The reports go to the directors who are in charge of the various data areas. It's pretty clean. Clearly there is some setup, but after you get it set up it just goes."
    • "This is a multi-platform solution that consolidates everything and centralizes support for it."

      What is our primary use case?

      It's a security product that works across multiple platforms, in our case it's the mainframe and the midrange. We use it to detect when somebody accesses restricted data and report on it.

      So far it has performed quite well, we're happy with it.

      How has it helped my organization?

      We used to use cobbled-together scripts, different products and different pieces on different platforms. This is one consolidated tool so one report comes out for each director and it's clean and easy. There is some scripting involved to tell it what is important and what is not important - which is important to us.

      In terms of security initiatives and compliance policies within our organization, that's basically what we use it for: the reporting of who touches what data. And that goes up to the directors and they approve or get mad at you and ask you why you did something.

      IBM Guardium probably helps us comply with industry regulations like SOX, PCI, or GDPR, but the big driver was more internal and audit-related, rather than industry-related.

      We haven't integrated Guardium with other systems we have.

      It has saved us time and money. As I mentioned, we had a bunch of cobbled-together scripts that were manually maintained for different platforms. This solution automated all that and made it such that the security administrators can run it themselves and not involve us. So there is less "people effort." Senior management is aware of the savings.

      What is most valuable?

      It makes the auditors happy.

      It does not require our involvement to run it. It runs in the background and the people that do the reporting do so. The reports go to the directors who are in charge of the various data areas. It's pretty clean. Clearly there is some setup, but after you get it set up it just goes.

      I have no idea what the advanced features are, so we're probably not using them.

      What needs improvement?

      Lower pricing would always be good but apparently we're getting our money's worth or we wouldn't be using it.

      What do I think about the stability of the solution?

      I'm pretty impressed with the stability. There was medium-sized initial effort getting it configured and set up and doing what we wanted it to do, but it just runs and we don't have to deal with it.

      What do I think about the scalability of the solution?

      We run it on the mainframe and on the midrange platforms and we haven't had any performance issues of any kind. We haven't really had to scale it. We pick and choose what's important to us, so we don't monitor everything. If we were going to monitor everything it would probably be an issue, something we would have to address.

      How are customer service and technical support?

      I have not used tech support personally. We did have some support help at the beginning, learning it and getting it set up.

      Which solution did I use previously and why did I switch?

      We were previously using homegrown scripts. We decided to switch primarily because this is a multi-platform solution that consolidates everything and centralizes support for it.

      When selecting a vendor, we reviewed two other products, but the main reason was that this is a multi-platform solution and it worked well in our environment.

      How was the initial setup?

      I was not directly involved but I was involved somewhat since I had worked with some of the systems in the past, so maybe some requirements gathering.

      The setup seemed pretty straightforward to me.

      What other advice do I have?

      We're very happy with it. It depends on what your needs are, but it meets our needs.

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      it_user841971
      Guardium Engineer
      Real User
      Helps make us more compliant with regulatory requirements but cost outweighs benefits

      What is our primary use case?

      We want to protect our data. That's the primary use case.

      So far, performance has been okay.

      How has it helped my organization?

      We are able to identify who does what, when, and we are able to go back to them and say, "Is this an authorized activity? Is it not an authorized activity?" Why are they doing it? Is there an outlier? Go back and find out if that is normal, unusual? It has helped the overall perspective of making our operations more compliant with the regulatory requirements.

      We use Guardium to support security initiatives and compliance policies in our organization. For example, we create reports that tell us how often is a password locked, how many exceptions we are getting, how many failed login items we are getting. We send those reports to the compliance and auditing folks. We do vulnerability assessments, detect vulnerabilities and send reports.

      Currently we are not focused on GDPR because we are mainly a US-based company. I don't think I would say that Guardium has saved us time or money.

      What is most valuable?

      It does the monitoring of access very well, although we currently don't use any of the advanced features.

      What needs improvement?

      Get rid of the collectors. Stream the data directly from the agents to the Big Data link.

      What do I think about the stability of the solution?

      The solution is very stable, but it has its challenges. 

      How are customer service and technical support?

      I would rate tech support about seven out of 10.

      Which solution did I use previously and why did I switch?

      This was a management decision. I think when they found Anthem was getting breached they decided, "Hey, let's try something else."

      When selecting a vendor, the most important criteria for me are the

      • reliability of the vendor
      • name recognition
      • support model
      • cost, of course.

      How was the initial setup?

      If you know it, it's pretty straightforward. Otherwise, there is a little learning curve.

      What's my experience with pricing, setup cost, and licensing?

      The biggest challenge is the cost associated with the product, and the cost of maintaining. Everything is not translated directly to the benefits we see. There are benefits, yes, but if I were writing the check, would I buy Guardium? No.

      Which other solutions did I evaluate?

      It's pretty good. We have the latest version, so we are able to scale.

      What other advice do I have?

      I would rate this solution six out of 10. The benefit to the cost is not justified, in my opinion.

      I would say Guardium is a good product. It's a very good product, but you want to weigh how much you want to implement. Do you want to focus on only certain applications? Certain databases? Don't do it across the enterprise. So think about that.

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      Lawrence Wells
      IT Security Manager at a healthcare company with 10,001+ employees
      Real User
      We use it to support security initiatives and combine policies within the organization

      Pros and Cons

      • "Our ability to see when users are accessing sensitive data."
      • "We use IBM Guardium to support security initiatives and combine policies within the organization."
      • "The front-end works very well."
      • "Gathering ​the data works very well. ​"
      • "One of the limitations that everyone who uses Guardium knows is its ability for back-end reporting. The ability to collect it sometimes is easier than the ability to retrieve it, use it, or give a good representation of it for incidence response or questions which come from the different people who want to use the data."
      • "Using the data in native Guardium is difficult, at best."

      What is our primary use case?

      Primarily re-monitoring sensitive data and privilege user access. 

      How has it helped my organization?

      One of the greatest benefits for using Guardium is our ability to monitor sensitive data. With current policy and GDPR for international, then audited compliance for monitoring access to sensitive data, it is very critical for our industry in healthcare. 

      We use IBM Guardium to support security initiatives and combine policies within the organization. We have many initiatives that come up and we have what are called action plans. Guardium comes up in quite a few of them when it gets related to database monitoring and controlling sensitive data. 

      IBM Guardium helps us comply with industry regulations, such as GDPR, local US standards, and then the current New York cyber laws, which are very specific about controlling access to data.  

      Guardium is integrated for data. It is integrated across our big data, then for cyber security. It is integrated in our security stack. 

      What is most valuable?

      • Our ability to see when users are accessing sensitive data. 
      • The front-end works very well. 
      • Gathering the data works very well. 

      We are using quite a few of the advanced features. Some of those include some scripting for integration with our other security tools in the environment along with data collection, and the ability to use large data formats for monitoring and information. 

      What needs improvement?

      One of the limitations that everyone who uses Guardium knows is its ability for back-end reporting. Guardium in and of itself is a big data platform. It creates big data all by itself. The ability to collect it sometimes is easier than the ability to retrieve it, use it, or give a good representation of it for incidence response or questions which come from the different people who want to use the data. 

      Then, it goes back to the use of the data. Using the data in native Guardium is difficult, at best. I know there are current advancements. I know they are integrated with jSonar, which used to be a partnership. However, it is now integrated into the company, which is nice, but we are far beyond that. We have already purchased and implemented other solutions, so now we have to go back and retroactively add that, which would be a good addition, but we are just not there today. 

      For how long have I used the solution?

      One to three years.

      What do I think about the stability of the solution?

      Guardium is very stable. The only outages that we have had have been self-induced, which is hard to admit. As a platform, it provides great stability.

      What do I think about the scalability of the solution?

      Guardium should meet our needs going forward. 

      We have only been using Guardium for a short period of time, so we had some growth problems. It is just like growing into your body. Your knees start to hurt after a little while, but once you get through that growth spurt, you get your win and you keep going and you are able to grow and expand. I think the way we have it implemented, we will be able to grow and scale as the organization grows. 

      How is customer service and technical support?

      We use technical support very frequently. We actually have a weekly call with our sponsor where we go through all of our different support questions. We are on a week-to-week basis where we follow-up with all our questions. We are on the leading edge for Guardium implementations. The version that we are on, it makes us a Fortune Six organization with the current version for all of our data. It requires a lot of support as we grow and mature with the product and with our organization's growth. 

      How was the initial setup?

      Our initial setup was pretty straightforward because we were just figuring out how it worked. Over the last two years, we have introduced our own complexities to accommodate our requirements. Would I say that it is complex to us today? No. To the average Guardium user? Yes, it would be complex.

      Which other solutions did I evaluate?

      We did evaluate other vendors. Guardium was a large purchase. We did our due diligence as we were responsible for the purchase process. Guardium won mostly because of our scope and scale. It was able to perform at the scale that we wanted to use it. 

      Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
      MT
      Database Administrator at a healthcare company with 10,001+ employees
      Real User
      It tests security to support SOX compliance

      Pros and Cons

      • "It supports our audit compliance."
      • "It tests security to support SOX compliance."
      • "I would like them to support cloud services."
      • "Sometimes the performance is not good, and also sometimes we have sudden bugs causing difficulties."

      What is our primary use case?

      It tests security to support SOX compliance.

      How has it helped my organization?

      It supports our audit compliance. We use IBM Guardium to support security initiatives and compliance policies within our organization. We have a lot of self controls which require the database to be monitored, especially for the privileged user.

      What is most valuable?

      • Its band monitoring. We just started to use it.
      • The mobility assessment

      What needs improvement?

      I would like them to support cloud services.

      What do I think about the stability of the solution?

      It is pretty good, though we have had some issues. Sometimes the performance is not good, and also sometimes we have sudden bugs causing difficulties. Therefore, it is hard for IBM to fix.

      What do I think about the scalability of the solution?

      Scalability is good.

      How is customer service and technical support?

      My experience with technical support depends. Sometimes, with Level 1, it is not good. However, when the case goes to Level 2, the support is pretty good.

      How was the initial setup?

      The initial setup was pretty straightforward.

      What was our ROI?

      Senior management is aware that Guardium has saved the organization time and money

      Which other solutions did I evaluate?

      We just talked to IBM. If we have a problem, maybe they can offer us something new, new features, etc.

      What other advice do I have?

      IBM Guardium is good.

      Most important criteria when selecting a vendor: reliability.

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      it_user841947
      Systems DBA at a insurance company with 1,001-5,000 employees
      Real User
      We are more efficient in demonstrating compliance but the reporting features need work

      Pros and Cons

      • "Our internal audit is keeping an eye out, and making sure that we're in compliance. Having the Guardium solution and its reporting helps us get through that process a lot more quickly and efficiently."
      • "The most valuable feature for me, in my role as systems DBA, is the expediting of internal and external audits."
      • "The one thing that I would like to see improved, but I don't think it's going to be in the next release, is its reporting capabilities. I think that's been offloaded to another third-party product that I think IBM actually endorses for that."

      What is our primary use case?

      To protect the data. We're trying to monitor privileged users, get an idea of what's normal access, and to make sure that service account usage is only coming from the appropriate places, not being used by people from their own work stations.

      How I would describe how well it's performing is that we are taking a slow and steady approach to it. Right now, I would say we're going from crawl to walk as far as usage goes; not using any of the sophisticated features, more getting the base implementation in place.

      How has it helped my organization?

      I think we have a better handle on who is accessing our data.

      We use Guardium to support security initiatives and compliance policies within our organization. Our internal audit is keeping an eye out, and making sure that we're in compliance. Having the Guardium solution and its reporting helps us get through that process a lot more quickly and efficiently.

      We're not using any of the workflow yet, but I would say yes, it is helping with compliance reporting. We're making sure that we're monitoring the usage of privilege accounts, managing the use of the service accounts.

      We have not integrated Guardium with any other systems.

      It has made us more efficient in demonstrating that we are in compliance, and enables to get through audit processes more quickly, which saves time and money.

      What is most valuable?

      Probably the most valuable feature for me, in my role as systems DBA, is the expediting of internal and external audits.

      What needs improvement?

      The one thing that I would like to see improved, but I don't think it's going to be in the next release, is its reporting capabilities. I think that's been offloaded to another third-party product that I think IBM actually endorses for that. It was built by the guy who helped develop Guardium but left IBM and spun up his own company. They found a need and they filled it. I think they filled it better than at least IBM thinks they can do for now.

      For how long have I used the solution?

      One to three years.

      What do I think about the stability of the solution?

      I'm not the administrator of the product so I don't know that I would be the best one to answer this. But from more of a consumer's perspective, the fact that the S-TAPs and such run on my systems, it has not caused us any problems; a little bit in the SQL Server space, but overall it has been good.

      What do I think about the scalability of the solution?

      I think that it's very scalable. You can spin up new Collectors and Aggregators as needed so, I'd say it's sufficient.

      How are customer service and technical support?

      I do not have experience with technical support. I know that our main Guardium guy is the head of the user group, so, he has used it. He has connections. He usually gets quick feedback because they know he is very visible.

      Which solution did I use previously and why did I switch?

      We had rolled our own stuff to do some of what Guardium does, but I think it was organizational recognition that switching was something that needed to be done. The monitoring and reporting was lacking in our organization. We had pockets where we had built our own, but now we're able to use one platform to do that monitoring for all of our database environments.

      We went with IBM because it was a combination of functionality and familiarity, in that we have a lot of IBM products in-house, and it fit the criteria.

      How was the initial setup?

      It was straightforward.

      Which other solutions did I evaluate?

      We did evaluate others, but I couldn't tell you what they were because that was a couple of years ago.

      What other advice do I have?

      It does a good job for what it's designed to do. You may want to look into the enhanced reporting that's available by the third party, because some of the report-building features are not as nice as some of the third party's.

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      AA
      App Mainframe And Storage at a financial services firm with 1,001-5,000 employees
      Real User
      It's one of the first to encrypt DB2 databases, but the technology needs to mature a little more

      Pros and Cons

      • "It's one of the first to encrypt DB2 databases."
      • "It was difficult implementing it, configuring it, getting it up and running and in production. However, since then, I believe it has stabilized."

      What is our primary use case?

      We acquired Guardium to encrypt certain databases to meet a customer requirement.

      It has been performing to spec.

      How has it helped my organization?

      We use Guardium to support security initiatives and compliance policies within our organization. The encryption meets a requirement. It was a requirement of a customer. I don't think it is a compliance requirement, but it did come through as a request from a prospective client, so we implemented it.

      I don't know if this solution has helped us to comply with Industry regulations like SOX, UCI or GDPR. We have not integrated it with other systems we use. I would not say it has saved us time or money.

      What is most valuable?

      I understand that it's one of the first to encrypt DB2 databases.

      I'm not able to answer whether we're using any of the advanced features.

      What needs improvement?

      This would be a question for one of the technical folks, probably not for me.

      For how long have I used the solution?

      One to three years.

      What do I think about the stability of the solution?

      It was difficult implementing it, configuring it, getting it up and running and in production. However, since then, I believe it has stabilized.

      What do I think about the scalability of the solution?

      We haven't really tested the scalability with it as yet, we're really only encrypting a very small percentage of our data.

      How is customer service and technical support?

      Technical support is interesting because, when we implemented Guardium, it was a partnership of IBM with the company that, I think, Guardium either partnered with or acquired since then. So, even though support was funneled through IBM, it was actually performed by the third-party software company, and it was difficult and challenging at times. There was a layer of interpretation between IBM and Rocket Software, and sometimes that was helpful and other times not so much.

      What other advice do I have?

      In terms of advice, I would say allow the technology to mature a little more. I think we were one of the first, if not the first, to implement Guardium. And, like I said before, it was kind of painful, but let the maturation process run it's course. I'd say learn from other people's mistakes or, not so much mistakes, just experiences. Benefit from other peoples' pain, bumps, and bruises.

      I rate it seven out of 10 only because it's a unique, niche offering that is not, that I know of, offered elsewhere in the marketplace. It fills a need, which is good. I don't know how prevalent the need is in the marketplace but it's nice to have an offering there that, when needed, you can implement something.

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      it_user841929
      IT Manager at a financial services firm with 1,001-5,000 employees
      Real User
      Very good for security and compliance, simple to use and manage

      What is our primary use case?

      The primary use case is security of our data in the bank.

      Performance is very good.

      How has it helped my organization?

      Security. This is the main capability that you have in this solution.

      In terms of compliance, we need to track users, database logins, and run inquiries. Guardium stores this log information very well. We don't use it for compliance with industry regulations like SOX, PCI or GDPR.

      We have integrated Guardium with our database, SQL server, Hadoop, and Oracle Database. The integration is very simple. We just installed the solution and the rest was very simple.

      I believe Guardium save us time and money. Upper management is aware of these savings.

      What is most valuable?

      It's simple to use and managing the solution. It's very, very good for security and tracking users and databases in the organization.

      What do I think about the stability of the solution?

      Stability is very good. I don’t have downtime with this solution.

      How is customer service and technical support?

      We used support to configure Guardium with Hadoop only. The support was good. I did not need to escalate this ticket.

      What's my experience with pricing, setup cost, and licensing?

      The pricing was for a big package, including all IBM products. As such, it was good value.

      Which other solutions did I evaluate?

      I don’t know because I am new in this company. I don’t know the history.

      What other advice do I have?

      When selecting a vendor, I look at the price and the scope of solution.

      My advice is to use this solution. For security and compliance it is very, very good.

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      Brian Dessoffy
      Security Analyst at a insurance company with 10,001+ employees
      Real User
      It has automated a bunch of manual tasks, but it is fairly buggy at times

      Pros and Cons

      • "You could easily throw it onto a VM or add additional hardware. One central manager supports about a hundred managed units, so scalability is excellent.​"
      • "Guardium does a great job of capturing data and having the ability of trying to pull it out and make sense of it. Using it for business applications is its biggest capability."
      • "It has automated a bunch of manual tasks, giving us insights into activities that we would not otherwise be able to capture."
      • "We have had some issues with patches breaking things unexpectedly in our environments."
      • "​Overall testing and quality need improvement. It is fairly buggy at times, so it feels like it could use additional staff on the product, testing and trying it out."
      • "I would like to see a lot of additional reporting and analytics features. They have basic outlier detection, but I would love to see that go further, and model it after analytics tools like Splunk."

      What is our primary use case?

      Our primary use case would be for compliance reporting: DBA activity monitoring for SOX regulations.

      It has performed fairly well. There are issues here and there, but it is the only product on the market that can do this job. It is the industry leader in database security.

      How has it helped my organization?

      It has improved the way our organization functions. It has automated a bunch of manual tasks, giving us insights into activities that we would not otherwise be able to capture.

      We use it to support our top two security initiatives. We have one large project that is focused around locating our sensitive data elements and we have used the discovery agent to do just that. Then, we also have another stream in that project towards monitoring these sensitive data stores, so we use some of the Guardium monitoring features and alerting features to monitor these sensitive databases.

      We use it for our SOX compliance reporting. We have it integrated with LDAP and Active Directory. We are looking to integrate it further with Splunk and a change management system. 

      The integration process is challenging: 

      • Pulling from the Active Directory and LDAP is not bad once you figure it out. Typically, customers need to work with IBM support to do this. 
      • For the Splunk integration, we are in process of doing this. We have been working with Splunk to pull the data out. 
      • For the change management piece, we have not really started this yet.

      What is most valuable?

      Some of its reporting capabilities. Guardium does a great job of capturing data and having the ability of trying to pull it out and make sense of it. Using it for business applications is its biggest capability. 

      We use many of the advanced features. We are one of the more advanced Guardium clients, thus we use features, such as custom tables and the ability to import custom data. We have used some of the data discovery pieces before, along with the classification builder. Therefore, we are pretty strong power users in the product.

      We have been looking into Guardium Big Data Intelligence and seeing if it makes sense for our organization.

      What needs improvement?

      Overall testing and quality need improvement. It is fairly buggy at times, so it feels like it could use additional staff on the product, testing and trying it out.

      I would like to see a lot of additional reporting and analytics features. They have basic outlier detection, but I would love to see that go further, and model it after analytics tools like Splunk. If the product could integrate with Splunk, or mimic it, it would provide a lot of value. 

      What do I think about the stability of the solution?

      Stability is average. There are frequently new issues with releases. As long as you stay a version or two behind, you are pretty stable. However, we have had some issues with patches breaking things unexpectedly in our environments.

      What do I think about the scalability of the solution?

      Scalability is very good. You could easily throw it onto a VM or add additional hardware. One central manager supports about a hundred managed units, so scalability is excellent.

      How are customer service and technical support?

      We frequently use technical support. We have some arrangements made with them, but our support is generally pretty good for smaller issues. For larger issues, we would like a bit more communication from them. Therefore, when there is a known product bugs, known fixes, or known issues, it would be great if they made those a little easier to find or published them at all. That would save us a lot of time and effort.

      Which solution did I use previously and why did I switch?

      We invested in Guardium because of regulatory compliance issues. Guardium is the only product in the market that could meet these needs. 

      How was the initial setup?

      I was not involved in the initial setup.

      What was our ROI?

      Guardium has not saved us time or money. Senior management is aware of this.

      What's my experience with pricing, setup cost, and licensing?

      If you are researching this type of solution, work with IBM.

      Which other solutions did I evaluate?

      Only Guardium.

      What other advice do I have?

      Most important criteria when selecting a vendor: 

      1. The ability to meet requirements.
      2. Costing
      3. Scalability and market share.
      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      it_user840891
      Systems Programmer at a financial services firm with 10,001+ employees
      Real User
      Tells us who is using our privileged IDs, helping mitigate security risks

      Pros and Cons

      • "Satisfies audit requests, to give us an idea if anybody is accessing our privileged user IDs without our knowledge."
      • "Right now we're having some issues where it's using a high CPU, we don't know why. So, better testing before the product is ready would help."

      What is our primary use case?

      For the mainframe, monitoring DB2 privileged access to our databases.

      It has performed really well so far for the purpose, but we're not using the full capacity of it. There's also an open systems side that they're implementing now, that I'm not part of, but there's a lot more growth in that area.

      How has it helped my organization?

      It's more secure. The big issue is satisfying audit requirements, that is really big in our company right now.

      We also use Guardium to support security initiatives and compliance policies within our organization. For what we do, we need to know who exactly is using our privileged IDs, because that's a security risk, if someone who is not authorized does that.

      I don't know if Guardium has helped us comply with industry regulations like SOX, PCI, or GDPR. We also have not integrated it into other systems.

      In the past we were doing a lot of manual checking, running our own reports, going through SMF data, but now Guardium does that reporting for us. That saves us time and money. Senior management is aware of the savings. They're the ones that really pushed for it.

      What is most valuable?

      Satisfies audit requests, to give us an idea if anybody is accessing our privileged user IDs without our knowledge.

      We don't use any of the advanced features.

      Regarding other features we would like to implement, I don't deal with the actual setup of the product. We have a specialist for Guardium to do that for us. We tell him our requirements and he builds the policies. So far it's very limited on our side, but I imagine on the open systems, side there would be a lot more complex policies.

      What needs improvement?

      Right now we're having some issues where it's using a high CPU, we don't know why. So, better testing before the product is ready would help.

      For how long have I used the solution?

      One to three years.

      What do I think about the stability of the solution?

      So far, so good. We've been using it for about two or three years right now, and we have had no issues. Once it was set up properly, it has run as it should.

      What do I think about the scalability of the solution?

      It appears to be very scalable, especially on the mainframe. On the open systems side there are a lot more servers out there, mainframe is more centralized. On the mainframe it's very scalable. We're only using one percent of it right now, what we're monitoring. But we feel that with the power of the mainframe, that can go up as much as we need.

      How are customer service and technical support?

      We use tech support. If we have a problem, we open up a PMR with IBM on the mainframe side, and we also have someone that does the implementation of it on the server side. He works closely with IBM. Our experience with tech support is really good. They're responsive, and we get to the right person.

      Which solution did I use previously and why did I switch?

      Our previous solution was manual.

      Our most important criteria when selecting a vendor are reliability, the reputation, and the product itself has to deliver in an efficient manner. Our company is heavily involved with IBM products, so adding another product or taking a product away is not very hard.

      How was the initial setup?

      We were somewhat new to it. When it first came out we had it brought in for testing. In the initial stage, the documentation was not very good on the mainframe side. But once we installed it... it was very easy to install in the mainframe side. On the open systems side, and the person supporting it, he has to be more skilled and more knowledgeable of the product, so I can't speak for him.

      Which other solutions did I evaluate?

      We did not actually PoC anybody else.

      What other advice do I have?

      I give it a nine out of 10. It's not perfect: Issues like using a high CPU and, in the beginning, it was a little unclear on how to install it. This is only on the mainframe side.

      In terms of advice, do a good PoC on it, because I believe it's a very expensive solution. And it has to satisfy the auditors, for sure. If it doesn't satisfy the auditors it won't go anywhere.

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      it_user840906
      Senior information security analyst at PFG
      Real User
      GUI is user-friendly; also interfaces well with REST API if you want to automate commands

      Pros and Cons

      • "Our main focus for IBM Guardium is to support security initiatives and compliance policies within our organization. We use the DPD product for monitoring, especially for GDPR, SOX regulations and, of course, the vulnerability assessment that we use to make sure we're keeping up with our patches, making sure things are configured, making sure we're following the best practices."
      • "Accelerators is one of the big functions they have out there. It gives you canned reports that you don't have to make yourself, they're out there by being part of the patch. You just have to fill your information in to some of the already built groups, for your environment, and it automates a lot of that. That has definitely helped improve things."
      • "The most valuable feature is the GUI, the interface. It also interfaces well with REST API, if you want to automate some of the commands."
      • "I think it scales pretty well. It can run on most of the database platforms currently out there. That is something we really like as a feature, because we try to hit everything in our environment to make sure we're meeting those regulations."
      • "I'd like to see a smoother GUI interface for the CAS agent - CAS does configurations on the database - to interface better with the vulnerability assessments."
      • "I'd like to them make sure that the data sources can be more easily managed, because some of them are tied to multiple things. You try to remove one and you have to go to all the different spots to remove the associations before you can get rid of it."
      • "I would like to see streamlining of some of the agent features, some of the patches; make it a little bit more user-friendly on the documentation."

      What is our primary use case?

      For compliance and risk assessment, monitoring the database traffic, as well as doing vulnerability assessments on the database to make sure that our security is up to par. We use it to keep us less vulnerable as a company as well as to keep the customers' data safe.

      So far it has performed really well. Occasionally, we have issues here and there with new patches having bugs, but that's the case with any software.

      How has it helped my organization?

      It has really helped identify areas that we need to fix. It also identifies, from a compliance standpoint, records we can provide. It shows us just how secure we are overall, as a company, rather than just trying to do things here and there. It helps automate what would take thousands of hours for DBAs to do manually.

      Our main focus for IBM Guardium is to support security initiatives and compliance policies within our organization. We use the DPD product for monitoring, especially for GDPR, SOX regulations and, of course, the vulnerability assessment that we use to make sure we're keeping up with our patches, making sure things are configured, making sure we're following the best practices.

      Accelerators is one of the big functions they have out there. It gives you canned reports that you don't have to make yourself, they're out there by being part of the patch. You just have to fill your information in to some of the already built groups, for your environment, and it automates a lot of that. That has definitely helped improve things.

      We've integrated it with QRadar, our SIEM product from IBM. When you do that integration, you have to make sure you have the right configuration files from both products. There is some online documentation through the IBM support portal which will give you step-by-step instructions. A lot of is pretty easy to follow.

      What is most valuable?

      The most valuable is the GUI, the interface. It also interfaces well with REST API, if you want to automate some of the commands. 

      Inside the GUI they've really done a lot, especially from version 9 to version 10, in how they lay it out and how user-friendly it is. I've been using it for a few years, but for someone newer it's now a lot easier to use and not as daunting.

      In terms of the advanced features, we do a lot of different regulations - some of the advanced ones, like GDPR, that's a big regulation in the EU. We do a lot of classifications and a lot more rules in our policy base around those regulations, that are advanced.

      Looking to the near future, we're looking at some of the cloud features, especially some of the classification they're putting in the cloud, so it's not so much appliance-focused. It will help automate some of that process and make it run a lot more smoothly, because it won't be on Linux appliances in our environment.

      Guardium has save us a lot of time, especially with the things it can automate. It has especially saved the DBA's time. We have a lot of other IBM products, so going with this one definitely gives us value, rather than going with another vendor. Senior management is absolutely aware that Guardium has been saving us time and money.

      What needs improvement?

      I'd like to see a smoother GUI interface for the CAS agent - CAS does configurations on the database - to interface better with the vulnerability assessments.

      I'd also like to make sure that the data sources can be more easily managed, because some of them are tied to multiple things. You try to remove one and you have to go to all the different spots to remove the associations before you can get rid of it.

      The user groups are really good for giving them feedback. I've seen, over the years, that they take a lot of that customer feedback and they actually implement some of those changes.

      What do I think about the stability of the solution?

      It's pretty stable. It's like any other software, it has its ups and downs: bugs, or configuration issues or things that weren't built exactly in the best way for customers to use. Obviously, they need that kind of feedback from when it's in the environment. But overall, I think it's pretty stable.

      What do I think about the scalability of the solution?

      I think it scales pretty well. It can run on most of the database platforms currently out there. That is something we really like as a feature, because we try to hit everything in our environment to make sure we're meeting those regulations.

      How are customer service and technical support?

      It's pretty good. Sometimes you have to fight through those first couple of walls to get somebody. But they're there for somebody who may not know how their using the tool, who may not be as advanced, so they don't want those kinds of issues to go to their higher-up staff. But for someone who has been using it for a long time, or knows a lot of the different sets and commands that you need to do for that issue, it's a little give-and-take scenario.

      Which solution did I use previously and why did I switch?

      The company I work for now had the product when I came in.

      In terms of important criteria when selecting a vendor, they include what support is like, how trustworthy the company is, and how they respect their clients.

      How was the initial setup?

      I wasn't involved in the very initial setup, but it had only been configured for a little while and then I was brought on and helped expand the environment.

      For my part, it was pretty complex with what we had in our environment. I made sure we were using the discovery, seeing what we had out there, making sure we're meeting all the regulations that we need to meet. There was also building the reports so the auditors can get the information they need.

      What other advice do I have?

      I would rate it an eight out of 10. To make it a 10 they would need to do streamlining of some of the agent features, some of the patches, make it a little bit more user-friendly on the documentation.

      In terms of advice, I would make sure you do a thorough PoC, that you join the virtual user group that meets once a month, as well as a customer user group that IBM is not involved in, where you can also get some candid questions and answers.

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      it_user631725
      Application Architect at a healthcare company with 1,001-5,000 employees
      Real User
      Allows us to be more proactive on alerts, access rights, and types of resources being hit

      Pros and Cons

      • "It's allowing us to be more proactive than reactive on alerts and access rights and types of resources that are being hit. Before, there were a lot of different solutions, but this expanded that out and made it a more holistic solution. It provides centralization of monitoring, instead of multiple, disparate applications. It definitely allows more economies of scale, streamlining, less fragmented use."
      • "We also use IBM Guardium to support security initiatives and compliance policies. For example, our audit area can verify if someone has access to information that they shouldn't have, for their regular job functions."

        What is our primary use case?

        It's being used to identify who is using what data, what resources, what they're using them for, providing audit trails. We also use it to set baselines for usage patterns, to start building cases if there are any erroneous accesses happening, and to start allowing more intuitive alerts.

        So far it's installed. It was a little rocky at the beginning but everything is working pretty well now. I think the baselines have been established and so far it's performing as expected.

        Now that they have the base, they are going to start creating other use cases. I'm not sure what they are, but they are going to start expanding the usage and provide more education to the security staff.

        How has it helped my organization?

        It's another layer to help us identify, especially from audit perspectives. It's allowing us to be more proactive than reactive on alerts and access rights and types of resources that are being hit. Before, there were a lot of different solutions, but this expanded that out and made it a more holistic solution.

        It provides centralization of monitoring, instead of multiple, disparate applications. It definitely allows more economies of scale, streamlining, less fragmented use.

        We also use IBM Guardium to support security initiatives and compliance policies. For example, our audit area can verify if someone has access to information that they shouldn't have, for their regular job functions. For instance, a customer service rep is looking at his ex-wife's records. We can now see all those accesses and we can verify, and if it's true and it wasn't part of their job duties, they can actually be terminated - and a lot of that has happened since.

        In terms of whether it has helped us comply with industry regulations like SOX, PCI, or GDPR, with workflow, reports, and accelerators, I know we're working on becoming high-trust certified, but I'm not part of that process any more. I would have to guess, though, that it has helped, as another tool in the tool box.

        I also think we integrated it with our SIEM tool, and I don't think there were any issues.

        I think the solution will save us time and money. We're still in that "ROI phase" where we're building towards that. I'd give us probably another year to year and a half until we achieve that all back. But every time an inquiry comes in, instead of it taking tens of hours, now it's taking minutes.

        Senior management is definitely aware of the improvements.

        What is most valuable?

        I'm not aware of our using any of the existing advanced features. I was only in on  the initial implementation, so if they have added new things since then, I'm not aware of it.

        What needs improvement?

        If I used it every day I'd probably be able to give you a really good answer. But I don't.

        What do I think about the stability of the solution?

        I haven't heard of any issues. I think it's been pretty stable, once they got over the initial bumps. The bumps were just our staff knowing how much information needed to be monitored, and at what level. I think they were fluctuating between levels of granularity as well.

        What do I think about the scalability of the solution?

        We started out with as much as we could from the beginning. I don't think there have been any issues. It's our internal skill set and maturity with the tool that have been growing. I think it has TAPs in every piece of our data in our datacenter, so it's already been able to scale to what we need.

        How are customer service and technical support?

        I personally haven't used tech support, but I know that during implementation, when they were reaching out, IBM was always really responsive.

        We have a really good relationship with IBM, regarding PMRs being taken care of. We actually have monthly meetings with the sales and technical support staff to make sure everything is being addressed, and they do a good job.

        Which solution did I use previously and why did I switch?

        We knew there was a gap that needed to be filled, I believe, when they engaged IBM. We had some pretty specific, and general, requirements around auditing and security. I don't recall who else they looked at in that space, but IBM seemed to fulfill every requirement we had on our list. And some issues we didn't even know about, because of our level of maturity; you don't know what you don't know, until you find out, "Oh, we can do that?"

        How was the initial setup?

        A lot of it was just knowing where to put all the S-TAPs. There was a lack of skill set on our implementation team, so IBM had a partner come in and help. There was that gap of knowledge that had to be crossed, and once the skill set was built it performed a lot cleaner.

        Which other solutions did I evaluate?

        I don't know. They went through the RFP process and selected the tool, and then I got involved, and then I hopped back out.

        What other advice do I have?

        If it's the vendor or a third-party telling you how things should be set up out of the gate, go with that and don't argue with them. That saves a lot of time.

        I would rate it a nine out of 10. It has done a really good job for us.

        Disclosure: I am a real user, and this review is based on my own experience and opinions.
        Darren Chaker
        Operator at Halliburton
        Real User
        Top 20
        Provides a unified key management system to help simplify encryption key management

        Pros and Cons

        • "Efficiency is key and IBM Guardium provides information in a heartbeat, but protects the data with military grade encryption."
        • "Security policy enforcement of policy-based encryption and centralized encryption key management allows us to maintain data in a secure environment."
        • "Provides a unified key management system to help simplify encryption key management."
        • "I would like to see IBM Guardium have other encryption algorithms employed."

        What is our primary use case?

        To keep track of client information, index security risks, and other information needed at a moments notice. IBM Guardium performs transparent encryption and decryption provides on the fly encryption without needing to be indoctrinated into lengthy training to use it. 

        How has it helped my organization?

        Efficiency is key and IBM Guardium provides information in a heartbeat, but protects the data with military grade encryption. IBM Guardium is used for file and database security for protecting structured and unstructured data. Security policy enforcement of policy-based encryption and centralized encryption key management allows us to maintain data in a secure environment.

        What is most valuable?

        IBM Guardium provides a unified key management system to help simplify encryption key management. In a large organization, this is a critical feature and IBM went above and beyond while developing the software. 

        What needs improvement?

        Personally, I would like to see IBM Guardium have other encryption algorithms employed, such as DES/3DES or TripleDES, Twofish, Blowfish, or IDEA. I especially would like to see Twofish used, since it is a block cipher designed by Counterpane Labs. It was one of the five Advanced Encryption Standard (AES) finalists and is unpatented and open source.

        For how long have I used the solution?

        Less than one year.

        What do I think about the stability of the solution?

        No, IBM Guardium is well designed and compatible with Windows-based computers.  

        What do I think about the scalability of the solution?

        I have not had nor do I know of any such issues. I believe the design of IBM Guardium is perfect for small to large scale settings, and does not reduce accessibility to content with on the fly encryption.

        Which solution did I use previously and why did I switch?

        No, IBM Guardium was already in use. 

        What was our ROI?

        Unknown, since I was not involved with the purchase. 

        What's my experience with pricing, setup cost, and licensing?

        I would suggest to review the type of data, need for security, and if the organizational structure needs the options IBM Guardium provides. 

        Which other solutions did I evaluate?

        No, there was no need to. 

        What other advice do I have?

        Put simply, human error is often the downfall of computer security. When using IBM Guardium, or any encryption software for that matter, use common sense: Encrypt data when not in use, watch where you enter in passwords (not at Starbucks in view of security cameras that can be retrieved by an adversary, or the person next to you), and watch out not to inadvertently install spyware while clicking on a random link. 

        Disclosure: I am a real user, and this review is based on my own experience and opinions.
        ITCS user
        Solution Architect at a financial services firm with 10,001+ employees
        Real User
        Ability to define reports based on SQL query, especially when you have complex report criteria.

        Pros and Cons

        • "Ability to define reports based on SQL query, especially when you have complex report criteria."
        • "Deployment process is very complicated as you need to now all advanced parameters. Almost not possible to figure out for yourself."

        What is most valuable?

        * Quick search

        * Ability to define reports based on SQL query, especially when you have complex report criteria.

        * Stream audit data to 2 collectors simultaneously.

        * GIM passive install. You can connect GIM from Colletor or CM when GIM is running in listening mode.

        How has it helped my organization?

        Can't tell as I did POC only.

        What needs improvement?

        * First of all. GUI and user experience needs to be reworked from scratch. Product management console look like from 90's.

        * Deployment process is very complicated as you need to now all advanced parameters. Almost not possible to figure out for yourself.

        * Central Manager (CM) needs rework to. Some configuration params still needs to be done on collectors locally.

        * Agent statistics is not available by default. You have to make a report and still you will not see all information like data interface activity.

        * Dynamic datasets is rocket science. To make it work you have to build several additional procedure, which make it extremely fragile.

        * Audit data is a single block. if you have several policies you can't purge data for specific policy.

        * Collectors requires enormous amounts of resources comparing to other products available on the market.

        For how long have I used the solution?

        a month only to evaluate this product

        What was my experience with deployment of the solution?

        Yes, during the deployment you get nothing out of the box. You have to manually configure everything. Tune parameters for agent, collectors. Agent deployment is very complicated.

        What do I think about the stability of the solution?

        Yes, scaling the product might be a tricky task as you have to configure parameters locally or collectors or agents.

        What do I think about the scalability of the solution?

        Product looks easily scalable.

        How are customer service and technical support?

        Customer Service:

        SMEs that were together with me during the POC were very technical and did understand their product.

        Technical Support:

        n/a for POC

        Which solution did I use previously and why did I switch?

        Yes we use Imperva SecureSphere, and still use it as Guardium has failed POC. We were not able to replicate our current deployment and some major issues, Guardium had, prevented us from selecting this product.

        How was the initial setup?

        It was extremely complex. Without IBM support it would take years for you to setup infrastructure.


        What about the implementation team?

        Throught the vendor team. These guys were very technical and helped me to understand each steps during the POC

        What was our ROI?

        n/a

        What's my experience with pricing, setup cost, and licensing?

        We haven't talked much about pricing and licencing. But it is not cheap for sure

        Which other solutions did I evaluate?

        We haven't chosen this product.

        What other advice do I have?

        If you have complicated report requirements which involves very specific filtering and/or aggregation. And you have lots of resources in your virtual platform. Then give it a try.

        Also I suggest you take a look at other top grade product like Imperva SecureShere. the reduction in resource requirements is 3 times less and it have plenty of nice features out of the box.

        Disclosure: I am a real user, and this review is based on my own experience and opinions.
        ITCS user
        Senior System Administrator IBM Certified Specialist Infosphere Guardium at a financial services firm with 1,001-5,000 employees
        Vendor
        It can provide the logs for the activities performed by the privileged users across the all databases including MSSQL, DB2, Teradata, Oracle Sybase and many more.

        What is most valuable?

        Database activity monitoring (DAM)

        How has it helped my organization?

        It can provide the logs for the activities performed by the privileged users across the all databases (MSSQL, DB2, Teradata, Oracle Sybase and many more) which can avoid the internal frauds and keep data secured. It can also alert if any hackers tried to log-in to the databases from failed login alerts.

        What needs improvement?

        Some improvements were needed in version 9.6, those are covered in version 10 already. If we face any issues or bugs in the product IBM provides the patch on that.

        For how long have I used the solution?

        Since last 4 years I am working on this project and organisation using this sine seven years

        What was my experience with deployment of the solution?

        There are very less or minimal issues deployment those might be due to the human error , IBM documented the all steps in details for the deployment and they are available on internet.

        What do I think about the stability of the solution?

        Yes there was the issue on the high CPU utilisation by Guardium services ,on the database host but IBM has introduce the Guardium service monitoring service(watch dog process) which auto restart the Guardium services when CPU utilisation reach the defined threshold percentage.

        What do I think about the scalability of the solution?

        If you follow the recommended configuration as per the IBM and correct capacity sizing done there is no issues.

        How are customer service and technical support?

        Customer Service:

        8 out of 10

        Technical Support:

        8 out of 10

        Which solution did I use previously and why did I switch?

        NA

        How was the initial setup?

        Initial setup is very easy to perform . this has only 4 level architecture (Central Manager-->Aggregator-->Collector-->Guardium STAP agent)

        What about the implementation team?

        we are implementing In-house with help of documents

        What's my experience with pricing, setup cost, and licensing?

        Little high as compare to other products available in the market but the service provided by vendor is great and there are many additional functionalities as compare to other tools

        Which other solutions did I evaluate?

        NA

        What other advice do I have?

        vast product as there are many features of this product to full fill the customer requirements, and less expertise are the there worldwide.

        Disclosure: My company has a business relationship with this vendor other than being a customer: I worked for the bank , this is very useful tool to secure the information .
        it_user542787
        Senior Middleware Engineer at a tech company with 501-1,000 employees
        Real User
        We used it to harden databases by defining policies for alerting and blocking access to prohibited and restricted data.

        Pros and Cons

        • "Database logging and audit functions are the most valuable features."
        • "I would like to be able to upgrade appliances within major versions without needing to rebuild the appliance."

        What is most valuable?

        Database logging and audit functions are the most valuable features. In some fields like banking, it's very important to be aware of the actions of database users, and ensure that those without the permission to access information do not access it.

        How has it helped my organization?

        We succeeded at hardening our customer databases by defining policies for alerting and blocking access to prohibited and restricted data.

        What needs improvement?

        I would like to be able to upgrade appliances within major versions without needing to rebuild the appliance. Once, I tried to upgrade a Guardium Appliance from v9.5 to v10 and there was no available patch for that. Therefore, the solution was to back up the appliance data, rebuild the appliance with the v10 image and then restore the data. This procedure is highly risky, because you can lose all the data if the restoration does not succeed. Installing a patch is much easier and there is no data loss risk!

        For how long have I used the solution?

        I have used it for 2 years.

        What do I think about the stability of the solution?

        I have not encountered any stability issues.

        What do I think about the scalability of the solution?

        I have not encountered any scalability issues.

        How are customer service and technical support?

        Technical support is unsatisfactory. IBM Support failed to provide me with the v9-v10 upgrade patch as it is suggested on a upgrade roadmap technote.

        Which solution did I use previously and why did I switch?

        Back when I was a developer, I developed an audit trail module in Java/JEE. Obviously, it was not as sophisticated as Guardium.

        How was the initial setup?

        Initial setup was straightforward.

        Which other solutions did I evaluate?

        Before choosing this product, I did not evaluate other options. We implement exclusively IBM products.

        What other advice do I have?

        At first, IBM Guardium may seem complicated, but once you learn the basics, it becomes simple to use.

        Disclosure: My company has a business relationship with this vendor other than being a customer: We're IBM business partners.
        it_user618123
        Senior IT Consultant, Pre-Sales Manager, Project Leader at a tech services company with 51-200 employees
        Consultant
        Fulfills the international standard security requirements, such as PCI DSS.

        What is most valuable?

        • Database Activity Monitoring: Fulfills the international standard security requirements, such as PCI DSS
        • It is very transparent on all of the query access controls of the monitored databases

        How has it helped my organization?

        According to my client, it fulfills the PCI DSS standard requirements that are implemented in his bank.

        What needs improvement?

        The graphics are so lame. I am sure that the latest version of Guardium, Version 10, would have improved it perfectly.

        I see that they have improved the chart and diagram in the latest version of Guardium. However, there are some limitations on how the chart displays the data for analytic needs.

        I am not sure if Guardium has the dashboard design to see the information much better.

        For how long have I used the solution?

        I have used it for three years.

        What do I think about the stability of the solution?

        We did encounter stability issues. Do not upgrade directly to the latest fix pack unless people have confirmed that it is stable.

        What do I think about the scalability of the solution?

        There were no scalability issues.

        How is customer service and technical support?

        Technical support is always available for you. I suggest the following:

        • Call IBM and make a Severity 2 request instead of Severity 3 request.
        • Ask them to provide remote access to your system right away.
        • Prepare the log files that they usually request.

        What's my experience with pricing, setup cost, and licensing?

        They have changed the way of licensing. It is no longer according to your core. It is now based on how many servers you use. The price should be way less expensive.

        Disclosure: My company has a business relationship with this vendor other than being a customer: Optus Solution is an IBM Business partner and I work for Optus. If you are looking for a company or a consultant, you may contact me via my email: lin.guangming2010@gmail.com.
        ITCS user
        Database Security Specialist at a tech services company with 51-200 employees
        Consultant
        Provides database activity monitoring. Can discover databases on your network and find their vulnerabilities.

        What is most valuable?

        • Monitors database activities of end users who are connected to databases (DBAs and developers)
        • Classifies critical objects on the databases
        • Discovers databases on your network
        • Finds vulnerabilities of your databases
        • Blocks critical activities

        How has it helped my organization?

        • Helps us define and monitor critical data in the environment, even when stored in RDBMS, big data, or unstructured files.
        • Helps us to pass compliance audits, such as like HIPAA, SOX, and PCI.

        What needs improvement?

        The blocking and dynamic data masking features need improvement.

        For how long have I used the solution?

        I am working as an IBM partner. We have provided solutions for nearly 50 customers for five years. Most of our customers are banks and telecoms.

        What do I think about the stability of the solution?

        IBM Security Guardium is a mature product. Although it needs agents on the server to monitor their database or file traffic, we did not encounter serious issues so far.

        How are customer service and technical support?

        IBM has three layers for Guardium support. In critical cases, technical support analyzes the issues very quickly to find a solution.

        Which solution did I use previously and why did I switch?

        I did not use another solution before this one.

        How was the initial setup?

        The setup is straightforward. There is an ISO file that is developed by IBM that contains all of the OS and Guardium application files. All that remains to be done is to configure the post-installation settings.

        What's my experience with pricing, setup cost, and licensing?

        Licensing is the worst part of the product. This is because IBM uses Processor Value Units (PVUs) to calculate the license. The customers complain about this.

        In the latest version of the product, there are four types of licenses:

        • DAM (Database Activity Monitoring)
        • DAM Advanced
        • FAM (File Activity Monitoring)
        • FAM Advanced

        If you only need database activity monitoring, then DAM is enough.

        If you need blocking and masking features, you will need the DAM Advanced license.

        Which other solutions did I evaluate?

        I did not evaluate other options. I am an IBM partner.

        What other advice do I have?

        There are three main steps when implementing a Data Activity Monitor (DAM) solution.

        1. Discover and Classify: Find your databases in your environment, and decide which one of them has confidential data that you need to monitor. Classify your data in your database if it includes critical data like personal ID, credit card, or IMEI numbers.
        2. Monitor Activities: Monitor all end-user activities while developing your policy rules and critical activities.
        3. Block Critical Activities: Define and block critical activities to prevent data leakage.
        Disclosure: My company has a business relationship with this vendor other than being a customer: I am an IBM partner.
        ITCS user
        Pre Sales Engineer at a tech services company with 501-1,000 employees
        Reseller
        It provides visibility for the DB activity and secures the customer information in the DB from any misuse.

        What is most valuable?

        All the features are useful for the customer and they have many use cases, especially for DB protection.

        They have a module called Redaction. For query rewriting, it can protect some data stored in the table by the DB admin to return the masked data, in case he tries to view our customer personal information such as phone numbers,names, account number etc.

        In some cases it blocked the bad user from deleting or copying data , For example, in use cases to block creation of the users on the DB without filing forum/ following the company policy.

        How has it helped my organization?

        It provides the customer to help secure the DB, especially for the multi-DB environments. It also provides visibility for the DB activity, secures the customer information in the DB, from any privilege misuse by an insider.

        What needs improvement?

        The FAM module needs to be improved. This module is for file activity monitoring and here if IBM would focus on marketing this part, it will be good as the end-user can monitor any configuration file in servers and not only the DB.

        For how long have I used the solution?

        I have used this solution for around six years.

        What do I think about the stability of the solution?

        Some issues have been experienced but no big issues as such. The solution is 90% stable.

        What do I think about the scalability of the solution?

        We have not encountered any scalability issues.

        How is customer service and technical support?

        I would give the technical support a 9/10.

        How was the initial setup?

        The setup was very easy. It took us around one day to set it up and running.

        What's my experience with pricing, setup cost, and licensing?

        You should make sure of the DB size before you buy the product. It is also important to define the requirement very carefully as it could affect the sizing. You should make sure of the monitoring mode that they would like to apply.

        Which other solutions did I evaluate?

        We looked at the Oracle and Imperva solutions.

        What other advice do I have?

        Take care of the scope and the monitoring mode. Also, if the size of the DB is high then do not do it over virtual.

        Disclosure: My company has a business relationship with this vendor other than being a customer: We're resellers.
        it_user588594
        Security Software Presales Specialist
        Vendor
        Reporting is automated and activity alerts are routed to the appropriate responders.

        What is most valuable?

        Heterogeneous support for data activity monitoring. I have not been able to find any other product that can monitor as many platforms from one application. Guardium can monitor Windows servers, Linux, Unix, mainframe, and big data environments from one policy. Guardium captures data access activity across networks and local connections.

        How has it helped my organization?

        We now have one go-to application for all data monitoring. This has decreased the number of skills needed and enabled a faster route to compliance. Reporting is automated and activity alerts are routed to the appropriate responders.

        What needs improvement?

        While Guardium is great at structured monitoring (DAM), the product is lacking features on the file activity side (FAM). We would also like to see tighter integration with Active Directory and Exchange monitoring.

        For how long have I used the solution?

        I have been using Guardium for seven years.

        What do I think about the stability of the solution?

        We had some minor issues with earlier versions around agent compatibility. These were solved through support.

        What do I think about the scalability of the solution?

        Guardium scales easily. Simply add another collector appliance and the system will balance the load across all available appliances.

        How are customer service and technical support?

        IBM support has been responsive and we rarely need to escalate.

        Which solution did I use previously and why did I switch?

        Previously, we were using home grown scripts and native database tools. The issue with this approach is the need for expertise on every platform and ending up with dozens of tools to manage.

        How was the initial setup?

        Guardium is an enterprise class product and, with that, does require some training. I would suggest any enterprise looking to implement Guardium to purchase some amount of services. There is an option for Quickstarts. Once you understand how the agents work and have setup the first few, the rest are relatively simple. The real work is aligning your business goals with the Guardium policies you create. We often know we need to monitor a system but are not exactly sure what policy is needed. There has to be collaboration between IT, business owners, and compliance.

        What's my experience with pricing, setup cost, and licensing?

        Previously, Guardium fell under the IBM PVU license model. This was complicated to license and costly. The new license structure is per server and includes all features. Now we simply count the number of servers to monitor and purchase accordingly.

        Which other solutions did I evaluate?

        Besides native database auditing, which is very resource intensive, and homegrown tools, there are not a lot of options out there. The closest competitor is Imperva. Imperva is a close second. We chose Guardium over Imperva based on the ability for greater custom reporting, more platform support, and better integration with other IT tools.

        What other advice do I have?

        Buy services. You do not need to have services for the entire implementation, but, at a minimum, invest in the Quickstart option to get up and running and to provide knowledge transfer. Once Guardium is installed on a few systems, it is very easy to add and manage.

        Disclosure: My company has a business relationship with this vendor other than being a customer: My company sells, implements, and manages this product.
        it_user589479
        Security Consultant at a energy/utilities company
        Consultant
        Captures data requests from various sources and consolidates them for analysis.

        What is most valuable?

        It captures all data requests regardless of the source and consolidates them for analysis.

        How has it helped my organization?

        The ability to audit across multiple data environments led to a greater understanding of the data traffic and the potential weaknesses in the access controls. This eased the creation of audit trails for customers.

        What needs improvement?

        Reporting has always been a weakness, but it has improved across the versions. In early versions, the reporting always seemed like a late add-on, and the graphics were poor. This has improved over the years and the reporting is a lot better now, with greater filtering and display options.

        For how long have I used the solution?

        I have used this solution with various clients for ten years.

        What do I think about the stability of the solution?

        There were issues with stability of the agent software in previous versions, but it is less of an issue now.

        What do I think about the scalability of the solution?

        The only issues are when users have not maintained the collection policies or the archiving and aggregation policies correctly. Units can fill up if not maintained and managed.

        How are customer service and technical support?

        Over the years, it has changed many times, but the US support is very good.

        Which solution did I use previously and why did I switch?

        I have often replaced internal database auditing features with Guardium. The main reason for the switch was to segregate the auditing from the database administrators.

        How was the initial setup?

        It is very dependent on the environment in which it is being installed. It can be complex if users do not take the time to build their policies carefully.

        What other advice do I have?

        Take your time. Think about the elements you want to audit. Don't just audit everything. Understand the normal traffic, so you can focus on the abnormal traffic.

        Disclosure: My company has a business relationship with this vendor other than being a customer: I am a freelance implementer for the product, so I am known to the company and they have used me in the past.
        it_user593442
        Technical Specialist/Consultant Ibm at a tech services company with 5,001-10,000 employees
        Consultant
        Monitors database activity, and blocks firewalls and malicious connections.

        What is most valuable?

        The main features are database activity monitoring and firewall feature blocking.

        How has it helped my organization?

        I'm working as a consultant for security products. I'm not a user of this product. Guardium is helping customers to get insights into who is accessing company data, when they are doing it, and from which location.

        Guardium can block malicious connections to the databases. For example, if someone is accessing sensitive data in a production database during non-working hours, Guardium can block this connection.

        What needs improvement?

        I would like to see a better GUI. IBM is working on GUI improvements with every new release.

        For how long have I used the solution?

        I have used this solution for five years.

        What do I think about the stability of the solution?

        I did not encounter any issues with stability.

        What do I think about the scalability of the solution?

        The system is scalable.

        How is customer service and technical support?

        Technical support is fast and responsive. The typical response time is less than two hours.

        How was the initial setup?

        The initial setup is relatively simple. It depends on how many collectors and aggregators are in the setup and the number of databases included in the monitoring solution.

        After the initial setup, the level of complexity depends on the customer’s needs.

        What other advice do I have?

        Ask for a PoC project and then decide.

        Disclosure: I am a real user, and this review is based on my own experience and opinions.
        it_user551505
        Senior Advisory Consultant - Cyber Security Practice at a consultancy with 10,001+ employees
        Consultant
        The Data Activity Monitor covers data warehouses and file shares. It helped control excessive administrator rights to databases.

        What is most valuable?

        It’s available as a hardware appliance as well as software. This provides flexibility as to how you want to deploy the tool.

        It can automatically locate DBs, as well as discover and classify sensitive data.

        Data Activity Monitor covers what appears to be every DB imaginable, even data warehouses and file shares.

        It allows administrators to enforce trigger alerts built around predefined policies, so that any access to sensitive data can be tracked and blocked if necessary.

        How has it helped my organization?

        It helped control excessive administrator rights to databases and automated the compliance auditing process.

        It located/discovered unknown databases and the sensitive data that existed in those databases.

        What needs improvement?

        There was a slight performance tax on the system and load balancing could be better. We would also like more robust reporting.

        For how long have I used the solution?

        I have used Guardium for six months.

        What do I think about the stability of the solution?

        Once it was installed and implemented, it seemed to be a very stable product.

        What do I think about the scalability of the solution?

        This is definitely a scalable product. You can build out a basic stand-alone architecture with one collector all the way to enterprise wide architecture that covers multiple datacenters and continents.

        How are customer service and technical support?

        I never interacted with tech support.

        Which solution did I use previously and why did I switch?

        No previous or different solution was used.

        How was the initial setup?

        If I remember correctly, the setup was a bit complex; not so much the installation, but a lot of tweaking and tuning of policies, setting up traffic filters, whitelisting the traffic, and so on.

        What's my experience with pricing, setup cost, and licensing?

        I was not privy to this information.

        Which other solutions did I evaluate?

        I wasn’t part of the evaluation for the tool.

        What other advice do I have?

        Try to have a dedicated team. There are a lot of moving parts and you need take a hands-on approach. It doesn’t come configured out of the box.

        Disclosure: I am a real user, and this review is based on my own experience and opinions.
        it_user549432
        Senior IT Consultant at a government with 1,001-5,000 employees
        Vendor
        It can capture database queries and use policies to feed SIEM tools for deeper correlation and for analysis. It gives us a tamper-proof audit of logged data.

        What is most valuable?

        The Data Activity Monitor is the most valuable feature of this product.

        It has the capability to capture database queries and is using policies to feed SIEM tools for deeper correlation and for analysis of cyber security concerns on monitored databases.

        How has it helped my organization?

        It provides our organization with an integrated and tamper-proof audit of logged data to ensure that the database activities are checked and operating according to the industrial best practices.

        What needs improvement?

        The maintenance and support aspects of the product need improvement.

        Probably, it should be more related to the product patching method. Even though the support service was great, the resolution doesn't comes quick enough to address the client's issue. We understand those resolutions only exist in the next patch version after quality testing. However, till that release comes out, we have to suffer in silence with the bug issues.

        For how long have I used the solution?

        I have used this solution for around two and half years.

        What do I think about the stability of the solution?

        We have encountered issues with stability.

        What do I think about the scalability of the solution?

        We have encountered issues with scalability.

        How are customer service and technical support?

        I would give the technical support a 7/10 rating.

        Which solution did I use previously and why did I switch?

        We were not using any other product prior to this one.

        How was the initial setup?

        The setup was not straightforward. There was some level of complexity in setting it up.

        What's my experience with pricing, setup cost, and licensing?

        Ensure what you want to protect, since it is charged as per the database instances.

        Which other solutions did I evaluate?

        We evaluated a couple of other options.

        I would not like to discuss this much as it affects the other companies' image and integrity. The competitive products have their own good and bad.

        What other advice do I have?

        You need to know what you want to protect very well.

        Disclosure: I am a real user, and this review is based on my own experience and opinions.
        ITCS user
        BI Consultant /Data Security at a tech services company with 51-200 employees
        Consultant
        You can divide roles, creating safe access zones; manage credentials; and access rules.

        What is most valuable?

        • Detailed and customizable reports with real-time alerts for the full vision of database/files activity.
        • Versatile rules for access control in real-time including blocking, masking, etc.: These rules are really helpful to fulfill enterprise security specifications. With them, you could divide roles, creating safe access zones; manage credentials; and access rules. The rules are easy to develop and customize.

        What needs improvement?

        • UI: Version 10 of Guardium was introduced with a new UI that was completely redesigned. Some fast-access functions and options are not easy to find in the new UI.
        • Real-time masking is a bit simple and doesn't allow you to create complex masking rules.

        For how long have I used the solution?

        I have about one year of hands-on experience.

        What do I think about the stability of the solution?

        I have not encountered any stability issues.

        What do I think about the scalability of the solution?

        I have not encountered any scalability issues.

        How are customer service and technical support?

        Technical support is 9/10. I participated in communication with tech support only once.

        Which solution did I use previously and why did I switch?

        I did not previously use a different solution.

        How was the initial setup?

        Initial setup is straightforward. All the commands are simple to understand. The installation guide is simple and comprehensive.

        Which other solutions did I evaluate?

        Before choosing this product, I evaluated Imperva products.

        What other advice do I have?

        This product could by easily used with other security products; for example, SIEM products such as IBM QRadar and ArcSight.

        Disclosure: I am a real user, and this review is based on my own experience and opinions.
        Farhan Tariq
        Information Security Analyst at a government with 1,001-5,000 employees
        Real User
        The query rewrite and redaction functions provide flexible/dynamic control of our data.

        What is most valuable?

        The database activity monitoring and firewall features of Guardium address our database security requirements. The combination of policies, alerts, baselines, reports, and query rewrite functions are easy to use and provide enough room for customization.

        How has it helped my organization?

        It provides us more visibility and control of our business functions. The query rewrite and redaction functions also provide flexible/dynamic control of our data, which is indeed helpful for complex scenarios.

        What needs improvement?

        The backend database requires improvement for faster searching. This makes it easier for analysts to investigate older data.

        For how long have I used the solution?

        I have been using Guardium since mid-2013.

        What do I think about the stability of the solution?

        I did not encounter any major stability issues in the last three years, except a couple of minor issues with S-TAP agents.

        What do I think about the scalability of the solution?

        The solution is easily scalable.

        How is customer service and technical support?

        I mostly get quick support although I did not encounter any complex error yet. I rate technical support at 7/10.

        How was the initial setup?

        The installation and configuration of a collector is simple and straightforward. The ease of deployment is dependent on whether you choose agent-based monitoring or network traffic, SPAN-based monitoring.

        What's my experience with pricing, setup cost, and licensing?

        The Guardium licensing is based on PVU and as a result, the solution became a bit costly. I am not aware of the licensing and pricing model of its competitors. But if the focus is pricing, then one can consider other options as well.

        Which other solutions did I evaluate?

        We were considering DbProtect but at that time, DbProtect had no support for Teradata.

        What other advice do I have?

        If you have enough budget for database security, you must evaluate this product for your use cases.

        Disclosure: I am a real user, and this review is based on my own experience and opinions.
        it_user560268
        Information Security Engineer at a financial services firm with 10,001+ employees
        Real User
        With the GIM, you can remotely enable/disable, install and upgrade the S-TAP agent. DB user profiling should be part of the auditing systems.

        What is most valuable?

        For us, the most valuable features are the auditing capabilities and the Guardium inspection engine. The GIM (Guardium Installation Manager) makes it easy to manage the S-TAP agent. You can enable/disable, install and upgrade remotely with no need for the system administrator.

        What needs improvement?

        DB user profiling is something that should be part of Guardium auditing systems.

        Also, reporting is not user friendly as compared to other tools. Moreover, for each report, you have to create an audit policy to create the report. It should be policy-based.

        For how long have I used the solution?

        We have been using Guardium for 2 years.

        What do I think about the stability of the solution?

        We did experiences a few system crashes.

        How is customer service and technical support?

        Technical support is very good.

        How was the initial setup?

        The initial setup was complex.

        Which other solutions did I evaluate?

        We also looked at McAfee and Fortinet.

        What other advice do I have?

        I would consider IBM brand value.

        Disclosure: I am a real user, and this review is based on my own experience and opinions.
        Buyer's Guide
        Download our free IBM Guardium Data Protection Report and get advice and tips from experienced pros sharing their opinions.
        Quick Links