IBM Security Guardium Data Protection Room for Improvement
The integration part of the present solution is very complex and tedious. Plus it gives a lot of false positives which need to be eradicated over time.
While integrating it with my existing infrastructure, it was a pain area initially, because primarily it took me a lot of time to educate users. From the configuration part with the existing system, the agent installation and collecting logs from the system and then finally bringing it back to the Guardium is quite complex.
In the next release, I would like these to be improved and implemented.
View full review »
Right now, we're in the development phase for IBM Guardium Data Protection, so I don't have any recommendations about additional features and room for improvement in the solution. We're very excited to work on IBM Guardium Data Protection because we are new to the solution, and we're still exploring product features. We're very excited about integrations and use case creation, and it's only after six to eight months that I'll be able to share my recommendations in terms of additional features the solution should have.
We did find some difficulty in deploying IBM Guardium Data Protection here in Pakistan because of the lack of resources.
View full review »IBM should add more database security features to Guardium. They could add user profiling, anomaly detection, and machine learning. IBM has user profiling, but they need to strengthen it. It should make sense for the users. It should remove most of the false positives.
Anomaly detection would help. Let's say you had a thousand anomalies and 990 are false positives. Who will take care of this? People will simply ignore all 1,000. They need to improve a lot in this area. They're coming out with a new product called Guardium Insights. It will be able to store more data, and its algorithm will be stronger. That will probably fix all my concerns. They have yet to release the beta version.
View full review »Buyer's Guide
IBM Security Guardium Data Protection
March 2024
Learn what your peers think about IBM Security Guardium Data Protection. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
765,386 professionals have used our research since 2012.
An area for improvement in IBM Guardium Data Protection is automation. I would want it to be more automated, as it runs too much on manual processes. More processes should be automated on the application.
For example: I want a learning environment where IBM Guardium Data Protection can learn the behavior of an environment, e.g. it should be more intelligent, because there is no intelligence yet on the application. It should be able to learn, e.g. you cannot try to block IBM Guardium Data Protection, in general. This is what I want to see: I want to be able to block it, in general.
I want the application to be able to learn, and learn from the environment. IBM should try to bring in more of e-learning to the application. That's another thing that's missing.
What I'd like to see in the next release of IBM Guardium Data Protection is for them to make resources available for the end users to be able to do a self-study, to understand more deeply how the environment works. Having user guides so people can learn more on what the application can do, about its operations, etc. I would like them to occasionally give users tips, e.g. how to do something, how to make your work easy, etc. This is how they can add value, in particular give more value for money, as they give valuable tips, just like how Microsoft does it, for example: "You can use IBM Guardium Data Protection to do this", then they should explain how to do it.
View full review »The only downside is that the deployment is complex and requires special expertise to deploy.
View full review »I've found that the backup and recovery is very resource-hungry and requires a huge amount of available storage capacity along with other components, such as processing the RAM. We have a need for 200 GB of data to restore. Reporting needs to be improved as does integration capability with the other DBs. From a technical perspective, reporting is good but not from the management perspective. Due to the legacy application, there is sometimes another version of the DB that is not supported and requires a restart which is a very technical aspect of running applications.
DL
Dr. Sajid Latif
Public Sector Specialist at Interactive Group
They could enable the out-of-the-box feature to track application user activity. It will help us observe the activities closely. Another area for potential improvement is implementing a feature for rate limiting the observed set returned to the client against security in a particular session.
I'd like to see a smoother GUI interface for the CAS agent - CAS does configurations on the database - to interface better with the vulnerability assessments.
I'd also like to make sure that the data sources can be more easily managed, because some of them are tied to multiple things. You try to remove one and you have to go to all the different spots to remove the associations before you can get rid of it.
The user groups are really good for giving them feedback. I've seen, over the years, that they take a lot of that customer feedback and they actually implement some of those changes.
View full review »The solution lacks control over database security.
View full review »The solution's pricing should be reduced because it is very high. The solution could be improved for NoSQL databases. From the functionality point of view, the solution has almost everything you need for your database. Overall, the product's functionalities align with the customer's needs.
View full review »LW
Lawrence Wells
IT Security Manager at a healthcare company with 10,001+ employees
One of the limitations that everyone who uses Guardium knows is its ability for back-end reporting. Guardium in and of itself is a big data platform. It creates big data all by itself. The ability to collect it sometimes is easier than the ability to retrieve it, use it, or give a good representation of it for incidence response or questions which come from the different people who want to use the data.
Then, it goes back to the use of the data. Using the data in native Guardium is difficult, at best. I know there are current advancements. I know they are integrated with jSonar, which used to be a partnership. However, it is now integrated into the company, which is nice, but we are far beyond that. We have already purchased and implemented other solutions, so now we have to go back and retroactively add that, which would be a good addition, but we are just not there today.
DC
Darren Chaker
Operator at Halliburton
Personally, I would like to see IBM Guardium have other encryption algorithms employed, such as DES/3DES or TripleDES, Twofish, Blowfish, or IDEA. I especially would like to see Twofish used, since it is a block cipher designed by Counterpane Labs. It was one of the five Advanced Encryption Standard (AES) finalists and is unpatented and open source.
View full review »MW
reviewer1633014
DBA at a manufacturing company with 10,001+ employees
In general, I find the solution a little complicated to use. Another problem is that we have encrypted traffic on Oracle and it requires a database outage. That's creates problems because you're monitoring critical systems and they don't like outages.
Since we are resellers we do not have enough information about the technical aspects and the areas of improvement. However, one consistent report that we receive from our customers is that IBM does not offer timely support due to the size of the organisation. It would be great if they could improve their response time.
View full review »VT
Viswanath Tharigonda
Inforomatica tech lead at a tech vendor with 10,001+ employees
Unfortunately, we're unable to use this solution for a NoSQL database, which is limiting. The UI needs to be improved so that instead of everything coding in the backend, it's coded on the front end. Guardium has limitations so most companies using advanced technologies have stopped using this tool because it doesn't have the capability to identify the PII data in flat files. Most companies are moving towards big data.
KA
Khaled AlKadi
Sales Director at Jordan Business Systems
The only issue is opening the remote connection to the client. IBM needs to focus more on improving remote connectivity. Microsoft and Cisco provide remote connectivity and have gained customer appreciation.
The solution needs some functionality or features to be added. It might not cover Big Data.
There was a slight performance tax on the system and load balancing could be better. We would also like more robust reporting.
View full review »Initially it did not have support external applications like, say, Tableau, ServiceNow, Remedy, and the like. They have started growing into it, but I would like to have more and more integration with outside applications. So that, let's say my one of my application owners has Tableau and wants to directly report on that; if I can just pick and see that report with one click, that would help.
View full review »BD
reviewer841896
Information Security Analyst Consultant at a insurance company with 10,001+ employees
Overall testing and quality need improvement. It is fairly buggy at times, so it feels like it could use additional staff on the product, testing and trying it out.
I would like to see a lot of additional reporting and analytics features. They have basic outlier detection, but I would love to see that go further, and model it after analytics tools like Splunk. If the product could integrate with Splunk, or mimic it, it would provide a lot of value.
View full review »SW
Suhail Wagle
Sr. Network Specialist at a tech services company with 501-1,000 employees
IBM Guardium Data Protection is a mature product. There is a lot of encryption that is not owned by IBM and is done by a third party and is not an integral part of the solution.
View full review »BH
reviewer1458435
DBA Dept. Manager at a computer software company with 501-1,000 employees
The installation should be a bit easier. It's pretty hard to implement right now.
The solution is very expensive. It's expected, as IBM is known to be pricey. It would be nice if they could make it cheaper.
As we are still in the process of implementing the product, it's hard to discuss the features and what might be missing, or could be added. We need more time with the solution to see how it works or what's missing.
View full review »The reporting on the solution is weak. It needs to be improved and enhanced. From a management point of view, it's really important to have reports. They should be offering easily extractable reports that we, as users, can benefit from.
The technical support is very poor.
Integrations are difficult to configure upon the initial setup.
The solution needs to offer data encryption.
View full review »We have made a list of RFIs. There are features like end-to-end and S-TAP mapping, and the ability to install policies for your configuration builder. They're not there, but we'd like to see them in the next version.
View full review »Right now we're having some issues where it's using a high CPU, we don't know why. So, better testing before the product is ready would help.
View full review »RM
reviewer1161831
Senior Analyst at a energy/utilities company with 10,001+ employees
I would like to see improvements in scalability and easier installation.
View full review »* First of all. GUI and user experience needs to be reworked from scratch. Product management console look like from 90's.
* Deployment process is very complicated as you need to now all advanced parameters. Almost not possible to figure out for yourself.
* Central Manager (CM) needs rework to. Some configuration params still needs to be done on collectors locally.
* Agent statistics is not available by default. You have to make a report and still you will not see all information like data interface activity.
* Dynamic datasets is rocket science. To make it work you have to build several additional procedure, which make it extremely fragile.
* Audit data is a single block. if you have several policies you can't purge data for specific policy.
* Collectors requires enormous amounts of resources comparing to other products available on the market.
View full review »VN
Velly Nusmir
Senior Manager at PT Permata Anugerah Abadi
There could be a feature to integrate and protect multiple databases. The local support services need improvements as well.
View full review »AF
AhmedFattah
CyberSecurity Leader Specialist at KLNCIT
The documentation could be better.
View full review »One thing I'm always thinking with regard to Guardium Data Protection is that, when compared to Oracle AVDF, Oracle's often got the upper hand when it comes to the standard features. So I believe that needs to be addressed by IBM.
Guardium Data Protection is far better in terms of external integration. But in terms of firewall features, like when you're blocking activities, it's as if Oracle AVDF simply has superior features. This is just from third-party observations, but the users of Oracle AVDF are saying that when it comes to the firewall and protection functionality, they're much more inclined to AVDF. Considering the competitive benefits that AVDF is providing compared to Data Protection, I can see that some improvement is required in terms of the firewall-related features.
Another observation I have is that industry resources are not available to handle this product, and I believe that deployment should be much easier than what we have right now. I'm thinking along the lines of some kind of wizard that makes it easier for users to get started right away. For example, to make it so they can do the deployment easier with drag and drop, etc.
It has to be more user-friendly so that anybody can deploy it, anybody can adopt it, and anybody can do the configuration. It has to be built in such a way that even if you are not a product expert, whether from IBM or otherwise, or that if you know only Word, then you can still configure it. So they have to offer that flexibility in the product.
They can hide the complexity by bringing in more GUI elements so that people can more easily get on board. And also they can introduce the knowledge base side by side so that whenever they are using the product, they can quickly check what exactly needs to be configured. You have Redbooks, and Redbooks can help but maybe they can include something extra. While users are installing maybe IBM can put in some guidance, "Okay, if you do this then you configure this and that."
At the same time, the market has lots of Oracle expertise here. But for IBM, there are no local resources available, and we are highly reliant on external resources. So, I would highly recommend that IBM initiates something like a certification campaign for the end user, as well as for the partner. As a partner, we are trying to do our level best, but I believe it would really benefit users for IBM to come up with some pre-certification campaigns like AWS and Azure do, especially in terms of how they promote their products through learning.
What I believe is that, in order to establish the product in the market, IBM has to invest in developing resources. IBM need to strategize in such a way that it's not just selling. IBM has to develop the resources within the industry, so that there's more word of mouth; people are now talking about AVDF, because they only know about AVDF.
AA
AppMainfaf77
App Mainframe And Storage at a financial services firm with 1,001-5,000 employees
This would be a question for one of the technical folks, probably not for me.
View full review »Some improvements were needed in version 9.6, those are covered in version 10 already. If we face any issues or bugs in the product IBM provides the patch on that.
View full review »MH
mehrab hussain
Junior Software Engineer at a computer software company with 201-500 employees
It would be helpful, and convenient to improve the Chat support.
View full review »My only negative thing on Guardium would be it is too smart. I am struggling getting through to social. In an ideal world, I would be able to populate every US zip code and have Guardium find the number, then identify it as a zip code. Right now, I have to pull it down and compare it.
View full review »More cloud support.
View full review »If I used it every day I'd probably be able to give you a really good answer. But I don't.
View full review »QN
Quan Ngo
Sales leader at EFH
I would like to see AI and machine learning added in the future.
View full review »VD
Victor Díaz Bañales
Socio Director at RAMDIA
The most important requirements for us are integration with new database solutions and the ability to manage things like Jailbreak or something like that.
Its reduction feature can also be improved. It has a functionality called reduction, which is like masking data, but it is just a replacement of characters. Sometimes the customer needs more than this. It would be good if it was more advanced or complete.
We also have a problem with this solution because the IBM aggregator isn't working very well. IBM has created big data intelligence for Guardium, and occasionally, customers need three or four months of data, but they can't run it from the collectors.
It can have a better dashboard and more pre-defined use cases for those customers who don't have any idea about data protection or don't have expert personnel in this area. For example, they can include five use cases for banks and five use cases for retail.
AV
AjaiVictoria
Information Technology Consultant at Aeries Technology Group
Sometimes the connectors to the databases need to be manually updated and we have to configure them again, which is something that should be improved.
View full review »Get rid of the collectors. Stream the data directly from the agents to the Big Data link.
View full review »DB user profiling is something that should be part of Guardium auditing systems.
Also, reporting is not user friendly as compared to other tools. Moreover, for each report, you have to create an audit policy to create the report. It should be policy-based.
View full review »SK
reviewer1290021
VP - Enterprise Security & Cloud Business at a tech vendor with 1,001-5,000 employees
With these solutions, flexibility is always an issue and that applies to Oracle and other similar products. Integreon, which is much smaller in size, is likely to be more flexible than IBM.
There is a big concern here in India about deploying on cloud so the one thing I would like to see in the next release is a fast option from IBM that is hosted from their India cloud data center.
MT
Databasefec0
Database Administrator at a healthcare company with 10,001+ employees
I would like them to support cloud services.
View full review »AK
reviewer893706
CTO at a tech services company with 11-50 employees
The analysis part of this product could be improved. It's a very comprehensive product, so the features it has complement customer requirements. But I would like to see more emphasis on analytics, and it would be great if they added machine learning. They already have analysis insights, but a comprehensive analytical feature that's already incorporated into the solution would be very helpful.
View full review »MN
Securead44
Trusted Security Advisor at a tech services company with 501-1,000 employees
The biggest complaint that I hear from customers and users is that using this solution requires database skills, yet it is a security and monitoring tool. Specifically, it is a tool that is used for monitoring the database administrator. The database expert will not want you to implement control on top of him, so you instead need to utilize a person from security. However, security people do not have a complete set of database skills. So, there is always a gap in the administration and the person who is going to manage this tool. As such, the person using this tool feels that it is complicated, doesn't know where to go and what to do.
I have heard that the latest version has better support, with better access, and a better GUI that is easier to use than before. At the same time, this is still one of the main concerns that I always hear from the customers.
The second most common complaint that I hear is in regards to the support from IBM. Some of the cases are open for a very long time because they do not have local engineers to come and look at the issues. In our region, my company is providing 24/7 support to help close these gaps. This has strengthened our presence in the market, but in other regions, this is still a complaint that customers have.
View full review »While Guardium is great at structured monitoring (DAM), the product is lacking features on the file activity side (FAM). We would also like to see tighter integration with Active Directory and Exchange monitoring.
View full review »The maintenance and support aspects of the product need improvement.
Probably, it should be more related to the product patching method. Even though the support service was great, the resolution doesn't comes quick enough to address the client's issue. We understand those resolutions only exist in the next patch version after quality testing. However, till that release comes out, we have to suffer in silence with the bug issues.
View full review »The one thing that I would like to see improved, but I don't think it's going to be in the next release, is its reporting capabilities. I think that's been offloaded to another third-party product that I think IBM actually endorses for that. It was built by the guy who helped develop Guardium but left IBM and spun up his own company. They found a need and they filled it. I think they filled it better than at least IBM thinks they can do for now.
View full review »I would like to be able to upgrade appliances within major versions without needing to rebuild the appliance. Once, I tried to upgrade a Guardium Appliance from v9.5 to v10 and there was no available patch for that. Therefore, the solution was to back up the appliance data, rebuild the appliance with the v10 image and then restore the data. This procedure is highly risky, because you can lose all the data if the restoration does not succeed. Installing a patch is much easier and there is no data loss risk!
View full review »It will not go as fast as you want.
View full review »- There are some GUI improvements that I have provided to development already.
- Performance and the ability to use resources could be improved.
- The ability for Central Managers to talk to one another could be improved. I have 26 Central Managers and 26 silos which are independent.
- Some of the data handling or data recording could be improved. We are doing it with external software, components, etc.
Lower pricing would always be good but apparently we're getting our money's worth or we wouldn't be using it.
View full review »The blocking and dynamic data masking features need improvement.
View full review »Reporting has always been a weakness, but it has improved across the versions. In early versions, the reporting always seemed like a late add-on, and the graphics were poor. This has improved over the years and the reporting is a lot better now, with greater filtering and display options.
View full review »FT
Farhan Tariq
Information Security Analyst at a government with 1,001-5,000 employees
The backend database requires improvement for faster searching. This makes it easier for analysts to investigate older data.
View full review »CR
reviewer1830612
Head, Cybersecurity at a tech services company with 11-50 employees
An improvement would be to make the pricing relative in terms of regions. In the next release, IBM should incorporate more AI capabilities to better detect vulnerabilities.
View full review »ND
reviewer1131528
Technical Manager at a computer software company with 51-200 employees
If IBM Guardium Data Protection could find a way to not have a lot of coding and development required to get the solution up and running it would be an advantage. The information of the agent could improve, which is necessary for us to monitor the databases would be a great benefit.
View full review »They could improve the Data Masking a little.
View full review »- UI: Version 10 of Guardium was introduced with a new UI that was completely redesigned. Some fast-access functions and options are not easy to find in the new UI.
- Real-time masking is a bit simple and doesn't allow you to create complex masking rules.
MS
reviewer1681524
Security Specialist at a tech services company with 51-200 employees
Guardium's storage capabilities could use some improvement. I'd also like to have some better integration using digital technology or a connector.
View full review »SM
Sidney Monteiro
Information Security Analyst at a tech services company with 501-1,000 employees
I have already mentioned to IBM that a primary need is to improve the number of records in the reports above 65,535.
View full review »An integration with Optum. Optum is another solution, but it is a segmenting software, portfolio not security. However, I am selling them together as one solution, Guardium and Optum.
The graphics are so lame. I am sure that the latest version of Guardium, Version 10, would have improved it perfectly.
I see that they have improved the chart and diagram in the latest version of Guardium. However, there are some limitations on how the chart displays the data for analytic needs.
I am not sure if Guardium has the dashboard design to see the information much better.
View full review »EW
Wainai2
IT Security Analyst at a tech services company with 11-50 employees
Needs easier integration with custom applications.
View full review »More predictive, using Watson AI would be good.
View full review »The FAM module needs to be improved. This module is for file activity monitoring and here if IBM would focus on marketing this part, it will be good as the end-user can monitor any configuration file in servers and not only the DB.
View full review »TA
reviewer1360929
Information Security Consultant at a tech services company with 51-200 employees
The price of this solution is quite high for smaller organizations, so they should release a version that is affordable for small and medium-sized businesses.
View full review »I would like to see a better GUI. IBM is working on GUI improvements with every new release.
View full review »VG
reviewer933939
Security Engineer at a tech services company with 501-1,000 employees
An area for improvement would be the user interface - currently, it takes around two to three months to become comfortable using it. In the next release, I would like to see more integration with other vault vendors.
View full review »Buyer's Guide
IBM Security Guardium Data Protection
March 2024
Learn what your peers think about IBM Security Guardium Data Protection. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
765,386 professionals have used our research since 2012.