IBM Security Guardium Data Protection Room for Improvement

Usman Rasool - PeerSpot reviewer
VP - Head Enterprise Technology Infrastructure at MCB Islamic Bank Ltd.

The integration part of the present solution is very complex and tedious. Plus it gives a lot of false positives which need to be eradicated over time.

While integrating it with my existing infrastructure, it was a pain area initially, because primarily it took me a lot of time to educate users. From the configuration part with the existing system, the agent installation and collecting logs from the system and then finally bringing it back to the Guardium is quite complex.

In the next release, I would like these to be improved and implemented.

View full review »
Farkhund Abbas - PeerSpot reviewer
Internet Security Specialist at National Bank of Pakistan

Right now, we're in the development phase for IBM Guardium Data Protection, so I don't have any recommendations about additional features and room for improvement in the solution. We're very excited to work on IBM Guardium Data Protection because we are new to the solution, and we're still exploring product features. We're very excited about integrations and use case creation, and it's only after six to eight months that I'll be able to share my recommendations in terms of additional features the solution should have.

We did find some difficulty in deploying IBM Guardium Data Protection here in Pakistan because of the lack of resources.

View full review »
DevidharsanJ - PeerSpot reviewer
Information Security Engineering Consultant at Optum

IBM should add more database security features to Guardium. They could add user profiling, anomaly detection, and machine learning. IBM has user profiling, but they need to strengthen it. It should make sense for the users. It should remove most of the false positives.

Anomaly detection would help. Let's say you had a thousand anomalies and 990 are false positives. Who will take care of this? People will simply ignore all 1,000. They need to improve a lot in this area. They're coming out with a new product called Guardium Insights. It will be able to store more data, and its algorithm will be stronger. That will probably fix all my concerns. They have yet to release the beta version.

View full review »
Buyer's Guide
IBM Security Guardium Data Protection
March 2024
Learn what your peers think about IBM Security Guardium Data Protection. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
765,386 professionals have used our research since 2012.
Peter Arabomen - PeerSpot reviewer
Security Engineering, Team Lead at Fidelity Bank Plc

An area for improvement in IBM Guardium Data Protection is automation. I would want it to be more automated, as it runs too much on manual processes. More processes should be automated on the application.

For example: I want a learning environment where IBM Guardium Data Protection can learn the behavior of an environment, e.g. it should be more intelligent, because there is no intelligence yet on the application. It should be able to learn, e.g. you cannot try to block IBM Guardium Data Protection, in general. This is what I want to see: I want to be able to block it, in general.

I want the application to be able to learn, and learn from the environment. IBM should try to bring in more of e-learning to the application. That's another thing that's missing.

What I'd like to see in the next release of IBM Guardium Data Protection is for them to make resources available for the end users to be able to do a self-study, to understand more deeply how the environment works. Having user guides so people can learn more on what the application can do, about its operations, etc. I would like them to occasionally give users tips, e.g. how to do something, how to make your work easy, etc. This is how they can add value, in particular give more value for money, as they give valuable tips, just like how Microsoft does it, for example: "You can use IBM Guardium Data Protection to do this", then they should explain how to do it.

View full review »
Alaeddin  Awwad - PeerSpot reviewer
Manager - Security Solutions at Mannai

The only downside is that the deployment is complex and requires special expertise to deploy.

View full review »
AsifIqbal - PeerSpot reviewer
Chief Information Security Officer at a financial services firm with 1,001-5,000 employees

I've found that the backup and recovery is very resource-hungry and requires a huge amount of available storage capacity along with other components, such as processing the RAM. We have a need for 200 GB of data to restore. Reporting needs to be improved as does integration capability with the other DBs. From a technical perspective, reporting is good but not from the management perspective. Due to the legacy application, there is sometimes another version of the DB that is not supported and requires a restart which is a very technical aspect of running applications.

View full review »
DL
Public Sector Specialist at Interactive Group

They could enable the out-of-the-box feature to track application user activity. It will help us observe the activities closely. Another area for potential improvement is implementing a feature for rate limiting the observed set returned to the client against security in a particular session.

View full review »
it_user840906 - PeerSpot reviewer
Senior information security analyst at PFG

I'd like to see a smoother GUI interface for the CAS agent - CAS does configurations on the database - to interface better with the vulnerability assessments.

I'd also like to make sure that the data sources can be more easily managed, because some of them are tied to multiple things. You try to remove one and you have to go to all the different spots to remove the associations before you can get rid of it.

The user groups are really good for giving them feedback. I've seen, over the years, that they take a lot of that customer feedback and they actually implement some of those changes.

View full review »
MUHAMMADNADEEM1 - PeerSpot reviewer
Deputy Director at Board Of Revenue

The solution lacks control over database security.

View full review »
Ile Ristov - PeerSpot reviewer
Sales Manager at InTec System

The solution's pricing should be reduced because it is very high. The solution could be improved for NoSQL databases. From the functionality point of view, the solution has almost everything you need for your database. Overall, the product's functionalities align with the customer's needs.

View full review »
LW
IT Security Manager at a healthcare company with 10,001+ employees

One of the limitations that everyone who uses Guardium knows is its ability for back-end reporting. Guardium in and of itself is a big data platform. It creates big data all by itself. The ability to collect it sometimes is easier than the ability to retrieve it, use it, or give a good representation of it for incidence response or questions which come from the different people who want to use the data. 

Then, it goes back to the use of the data. Using the data in native Guardium is difficult, at best. I know there are current advancements. I know they are integrated with jSonar, which used to be a partnership. However, it is now integrated into the company, which is nice, but we are far beyond that. We have already purchased and implemented other solutions, so now we have to go back and retroactively add that, which would be a good addition, but we are just not there today. 

View full review »
DC
Operator at Halliburton

Personally, I would like to see IBM Guardium have other encryption algorithms employed, such as DES/3DES or TripleDES, Twofish, Blowfish, or IDEA. I especially would like to see Twofish used, since it is a block cipher designed by Counterpane Labs. It was one of the five Advanced Encryption Standard (AES) finalists and is unpatented and open source.

View full review »
MW
DBA at a manufacturing company with 10,001+ employees

In general, I find the solution a little complicated to use. Another problem is that we have  encrypted traffic on Oracle and it requires a database outage. That's creates problems because you're monitoring critical systems and they don't like outages.

View full review »
Olawale Ayuba - PeerSpot reviewer
Head Management GRC and Privacy Solution at a tech consulting company with 11-50 employees

Since we are resellers we do not have enough information about the technical aspects and the areas of improvement. However, one consistent report that we receive from our customers is that IBM does not offer timely support due to the size of the organisation. It would be great if they could improve their response time.

View full review »
VT
Inforomatica tech lead at a tech vendor with 10,001+ employees

Unfortunately, we're unable to use this solution for a NoSQL database, which is limiting. The UI needs to be improved so that instead of everything coding in the backend, it's coded on the front end. Guardium has limitations so most companies using advanced technologies have stopped using this tool because it doesn't have the capability to identify the PII data in flat files. Most companies are moving towards big data.

View full review »
KA
Sales Director at Jordan Business Systems

The only issue is opening the remote connection to the client. IBM needs to focus more on improving remote connectivity. Microsoft and Cisco provide remote connectivity and have gained customer appreciation.

The solution needs some functionality or features to be added. It might not cover Big Data.

View full review »
it_user551505 - PeerSpot reviewer
Senior Advisory Consultant - Cyber Security Practice at a consultancy with 10,001+ employees

There was a slight performance tax on the system and load balancing could be better. We would also like more robust reporting.

View full review »
it_user841977 - PeerSpot reviewer
Sr. Security Engineer

Initially it did not have support external applications like, say, Tableau, ServiceNow, Remedy, and the like. They have started growing into it, but I would like to have more and more integration with outside applications. So that, let's say my one of my application owners has Tableau and wants to directly report on that; if I can just pick and see that report with one click, that would help.

View full review »
BD
Information Security Analyst Consultant at a insurance company with 10,001+ employees

Overall testing and quality need improvement. It is fairly buggy at times, so it feels like it could use additional staff on the product, testing and trying it out.

I would like to see a lot of additional reporting and analytics features. They have basic outlier detection, but I would love to see that go further, and model it after analytics tools like Splunk. If the product could integrate with Splunk, or mimic it, it would provide a lot of value. 

View full review »
SW
Sr. Network Specialist at a tech services company with 501-1,000 employees

IBM Guardium Data Protection is a mature product. There is a lot of encryption that is not owned by IBM and is done by a third party and is not an integral part of the solution.

View full review »
BH
DBA Dept. Manager at a computer software company with 501-1,000 employees

The installation should be a bit easier. It's pretty hard to implement right now.

The solution is very expensive. It's expected, as IBM is known to be pricey. It would be nice if they could make it cheaper.

As we are still in the process of implementing the product, it's hard to discuss the features and what might be missing, or could be added. We need more time with the solution to see how it works or what's missing.

View full review »
AsifIqbal - PeerSpot reviewer
Chief Information Security Officer at a financial services firm with 1,001-5,000 employees

The reporting on the solution is weak. It needs to be improved and enhanced. From a management point of view, it's really important to have reports. They should be offering easily extractable reports that we, as users, can benefit from.

The technical support is very poor.

Integrations are difficult to configure upon the initial setup.

The solution needs to offer data encryption.

View full review »
it_user844467 - PeerSpot reviewer
VP Systems Engg at a financial services firm with 10,001+ employees

We have made a list of RFIs. There are features like end-to-end and S-TAP mapping, and the ability to install policies for your configuration builder. They're not there, but we'd like to see them in the next version.

View full review »
it_user840891 - PeerSpot reviewer
Systems Programmer at a financial services firm with 10,001+ employees

Right now we're having some issues where it's using a high CPU, we don't know why. So, better testing before the product is ready would help.

View full review »
RM
Senior Analyst at a energy/utilities company with 10,001+ employees

I would like to see improvements in scalability and easier installation.

View full review »
it_user538203 - PeerSpot reviewer
Solution Architect at a financial services firm with 10,001+ employees

* First of all. GUI and user experience needs to be reworked from scratch. Product management console look like from 90's.

* Deployment process is very complicated as you need to now all advanced parameters. Almost not possible to figure out for yourself.

* Central Manager (CM) needs rework to. Some configuration params still needs to be done on collectors locally.

* Agent statistics is not available by default. You have to make a report and still you will not see all information like data interface activity.

* Dynamic datasets is rocket science. To make it work you have to build several additional procedure, which make it extremely fragile.

* Audit data is a single block. if you have several policies you can't purge data for specific policy.

* Collectors requires enormous amounts of resources comparing to other products available on the market.

View full review »
VN
Senior Manager at PT Permata Anugerah Abadi

There could be a feature to integrate and protect multiple databases. The local support services need improvements as well.

View full review »
AF
CyberSecurity Leader Specialist at KLNCIT

The documentation could be better. 

View full review »
Md Saiful Hyder - PeerSpot reviewer
AGM, Enterprise Solutions at Omgea Exim Ltd

One thing I'm always thinking with regard to Guardium Data Protection is that, when compared to Oracle AVDF, Oracle's often got the upper hand when it comes to the standard features. So I believe that needs to be addressed by IBM. 

Guardium Data Protection is far better in terms of external integration. But in terms of firewall features, like when you're blocking activities, it's as if Oracle AVDF simply has superior features. This is just from third-party observations, but the users of Oracle AVDF are saying that when it comes to the firewall and protection functionality, they're much more inclined to AVDF. Considering the competitive benefits that AVDF is providing compared to Data Protection, I can see that some improvement is required in terms of the firewall-related features.

Another observation I have is that industry resources are not available to handle this product, and I believe that deployment should be much easier than what we have right now. I'm thinking along the lines of some kind of wizard that makes it easier for users to get started right away. For example, to make it so they can do the deployment easier with drag and drop, etc.

It has to be more user-friendly so that anybody can deploy it, anybody can adopt it, and anybody can do the configuration. It has to be built in such a way that even if you are not a product expert, whether from IBM or otherwise, or that if you know only Word, then you can still configure it. So they have to offer that flexibility in the product.

They can hide the complexity by bringing in more GUI elements so that people can more easily get on board. And also they can introduce the knowledge base side by side so that whenever they are using the product, they can quickly check what exactly needs to be configured. You have Redbooks, and Redbooks can help but maybe they can include something extra. While users are installing maybe IBM can put in some guidance, "Okay, if you do this then you configure this and that."

At the same time, the market has lots of Oracle expertise here. But for IBM, there are no local resources available, and we are highly reliant on external resources. So, I would highly recommend that IBM initiates something like a certification campaign for the end user, as well as for the partner. As a partner, we are trying to do our level best, but I believe it would really benefit users for IBM to come up with some pre-certification campaigns like AWS and Azure do, especially in terms of how they promote their products through learning.

What I believe is that, in order to establish the product in the market, IBM has to invest in developing resources. IBM need to strategize in such a way that it's not just selling. IBM has to develop the resources within the industry, so that there's more word of mouth; people are now talking about AVDF, because they only know about AVDF.

View full review »
AA
App Mainframe And Storage at a financial services firm with 1,001-5,000 employees

This would be a question for one of the technical folks, probably not for me.

View full review »
it_user545376 - PeerSpot reviewer
Senior System Administrator IBM Certified Specialist Infosphere Guardium at a financial services firm with 1,001-5,000 employees

Some improvements were needed in version 9.6, those are covered in version 10 already. If we face any issues or bugs in the product IBM provides the patch on that.

View full review »
MH
Junior Software Engineer at a computer software company with 201-500 employees

It would be helpful, and convenient to improve the Chat support.

View full review »
it_user844479 - PeerSpot reviewer
People Leader Of Cyber Strategy And Solutions at a insurance company with 10,001+ employees

My only negative thing on Guardium would be it is too smart. I am struggling getting through to social. In an ideal world, I would be able to populate every US zip code and have Guardium find the number, then identify it as a zip code. Right now, I have to pull it down and compare it.

View full review »
it_user842901 - PeerSpot reviewer
Data Architect at a transportation company with 1,001-5,000 employees

More cloud support. 

View full review »
it_user631725 - PeerSpot reviewer
Application Architect at a healthcare company with 1,001-5,000 employees

If I used it every day I'd probably be able to give you a really good answer. But I don't.

View full review »
QN
Sales leader at EFH

I would like to see AI and machine learning added in the future.

View full review »
VD
Socio Director at RAMDIA

The most important requirements for us are integration with new database solutions and the ability to manage things like Jailbreak or something like that.

Its reduction feature can also be improved. It has a functionality called reduction, which is like masking data, but it is just a replacement of characters. Sometimes the customer needs more than this. It would be good if it was more advanced or complete.

We also have a problem with this solution because the IBM aggregator isn't working very well. IBM has created big data intelligence for Guardium, and occasionally, customers need three or four months of data, but they can't run it from the collectors.

It can have a better dashboard and more pre-defined use cases for those customers who don't have any idea about data protection or don't have expert personnel in this area. For example, they can include five use cases for banks and five use cases for retail.

View full review »
AV
Information Technology Consultant at Aeries Technology Group

Sometimes the connectors to the databases need to be manually updated and we have to configure them again, which is something that should be improved.

View full review »
it_user841971 - PeerSpot reviewer
Guardium Engineer

Get rid of the collectors. Stream the data directly from the agents to the Big Data link.

View full review »
it_user560268 - PeerSpot reviewer
Information Security Engineer at a financial services firm with 10,001+ employees

DB user profiling is something that should be part of Guardium auditing systems.

Also, reporting is not user friendly as compared to other tools. Moreover, for each report, you have to create an audit policy to create the report. It should be policy-based.

View full review »
SK
VP - Enterprise Security & Cloud Business at a tech vendor with 1,001-5,000 employees

With these solutions, flexibility is always an issue and that applies to Oracle and other similar products. Integreon, which is much smaller in size, is likely to be more flexible than IBM. 

There is a big concern here in India about deploying on cloud so the one thing I would like to see in the next release is a fast option from IBM that is hosted from their India cloud data center.

View full review »
MT
Database Administrator at a healthcare company with 10,001+ employees

I would like them to support cloud services.

View full review »
AK
CTO at a tech services company with 11-50 employees

The analysis part of this product could be improved. It's a very comprehensive product, so the features it has complement customer requirements. But I would like to see more emphasis on analytics, and it would be great if they added machine learning. They already have analysis insights, but a comprehensive analytical feature that's already incorporated into the solution would be very helpful. 

View full review »
MN
Trusted Security Advisor at a tech services company with 501-1,000 employees

The biggest complaint that I hear from customers and users is that using this solution requires database skills, yet it is a security and monitoring tool. Specifically, it is a tool that is used for monitoring the database administrator. The database expert will not want you to implement control on top of him, so you instead need to utilize a person from security. However, security people do not have a complete set of database skills. So, there is always a gap in the administration and the person who is going to manage this tool. As such, the person using this tool feels that it is complicated, doesn't know where to go and what to do.

I have heard that the latest version has better support, with better access, and a better GUI that is easier to use than before. At the same time, this is still one of the main concerns that I always hear from the customers.

The second most common complaint that I hear is in regards to the support from IBM. Some of the cases are open for a very long time because they do not have local engineers to come and look at the issues. In our region, my company is providing 24/7 support to help close these gaps. This has strengthened our presence in the market, but in other regions, this is still a complaint that customers have.

View full review »
it_user588594 - PeerSpot reviewer
Security Software Presales Specialist

While Guardium is great at structured monitoring (DAM), the product is lacking features on the file activity side (FAM). We would also like to see tighter integration with Active Directory and Exchange monitoring.

View full review »
it_user549432 - PeerSpot reviewer
Senior IT Consultant at a government with 1,001-5,000 employees

The maintenance and support aspects of the product need improvement.

Probably, it should be more related to the product patching method. Even though the support service was great, the resolution doesn't comes quick enough to address the client's issue. We understand those resolutions only exist in the next patch version after quality testing. However, till that release comes out, we have to suffer in silence with the bug issues.

View full review »
it_user841947 - PeerSpot reviewer
Systems DBA at a insurance company with 1,001-5,000 employees

The one thing that I would like to see improved, but I don't think it's going to be in the next release, is its reporting capabilities. I think that's been offloaded to another third-party product that I think IBM actually endorses for that. It was built by the guy who helped develop Guardium but left IBM and spun up his own company. They found a need and they filled it. I think they filled it better than at least IBM thinks they can do for now.

View full review »
it_user542787 - PeerSpot reviewer
Senior Middleware Engineer at a tech company with 501-1,000 employees

I would like to be able to upgrade appliances within major versions without needing to rebuild the appliance. Once, I tried to upgrade a Guardium Appliance from v9.5 to v10 and there was no available patch for that. Therefore, the solution was to back up the appliance data, rebuild the appliance with the v10 image and then restore the data. This procedure is highly risky, because you can lose all the data if the restoration does not succeed. Installing a patch is much easier and there is no data loss risk!

View full review »
it_user844488 - PeerSpot reviewer
Security Analyst at a insurance company with 1,001-5,000 employees

It will not go as fast as you want. 

View full review »
it_user261765 - PeerSpot reviewer
-- at a tech services company with 51-200 employees
  • There are some GUI improvements that I have provided to development already.
  • Performance and the ability to use resources could be improved. 
  • The ability for Central Managers to talk to one another could be improved. I have 26 Central Managers and 26 silos which are independent.
  • Some of the data handling or data recording could be improved. We are doing it with external software, components, etc. 
View full review »
it_user842865 - PeerSpot reviewer
Database Administrator at a financial services firm with 11-50 employees

Lower pricing would always be good but apparently we're getting our money's worth or we wouldn't be using it.

View full review »
it_user581697 - PeerSpot reviewer
Database Security Specialist at a tech services company with 51-200 employees

The blocking and dynamic data masking features need improvement.

View full review »
it_user589479 - PeerSpot reviewer
Security Consultant at a energy/utilities company

Reporting has always been a weakness, but it has improved across the versions. In early versions, the reporting always seemed like a late add-on, and the graphics were poor. This has improved over the years and the reporting is a lot better now, with greater filtering and display options.

View full review »
FT
Information Security Analyst at a government with 1,001-5,000 employees

The backend database requires improvement for faster searching. This makes it easier for analysts to investigate older data.

View full review »
CR
Head, Cybersecurity at a tech services company with 11-50 employees

An improvement would be to make the pricing relative in terms of regions. In the next release, IBM should incorporate more AI capabilities to better detect vulnerabilities.

View full review »
ND
Technical Manager at a computer software company with 51-200 employees

If IBM Guardium Data Protection could find a way to not have a lot of coding and development required to get the solution up and running it would be an advantage. The information of the agent could improve, which is necessary for us to monitor the databases would be a great benefit.

View full review »
it_user842892 - PeerSpot reviewer
Cyber Security Architect at a tech services company with 11-50 employees

They could improve the Data Masking a little.

View full review »
it_user541269 - PeerSpot reviewer
BI Consultant /Data Security at a tech services company with 51-200 employees
  • UI: Version 10 of Guardium was introduced with a new UI that was completely redesigned. Some fast-access functions and options are not easy to find in the new UI.
  • Real-time masking is a bit simple and doesn't allow you to create complex masking rules.
View full review »
MS
Security Specialist at a tech services company with 51-200 employees

Guardium's storage capabilities could use some improvement. I'd also like to have some better integration using digital technology or a connector.

View full review »
SM
Information Security Analyst at a tech services company with 501-1,000 employees

I have already mentioned to IBM that a primary need is to improve the number of records in the reports above 65,535.

View full review »
it_user841920 - PeerSpot reviewer
Business Development Manager at a tech services company with 10,001+ employees

An integration with Optum. Optum is another solution, but it is a segmenting software, portfolio not security. However, I am selling them together as one solution, Guardium and Optum.

View full review »
it_user618123 - PeerSpot reviewer
Senior IT Consultant, Pre-Sales Manager, Project Leader at a tech services company with 51-200 employees

The graphics are so lame. I am sure that the latest version of Guardium, Version 10, would have improved it perfectly.

I see that they have improved the chart and diagram in the latest version of Guardium. However, there are some limitations on how the chart displays the data for analytic needs.

I am not sure if Guardium has the dashboard design to see the information much better.

View full review »
EW
‎IT Security Analyst at a tech services company with 11-50 employees

Needs easier integration with custom applications.

View full review »
it_user844485 - PeerSpot reviewer
President at a tech vendor with 1-10 employees

More predictive, using Watson AI would be good.

View full review »
it_user385986 - PeerSpot reviewer
Pre Sales Engineer at a tech services company with 501-1,000 employees

The FAM module needs to be improved. This module is for file activity monitoring and here if IBM would focus on marketing this part, it will be good as the end-user can monitor any configuration file in servers and not only the DB.

View full review »
TA
Information Security Consultant at a tech services company with 51-200 employees

The price of this solution is quite high for smaller organizations, so they should release a version that is affordable for small and medium-sized businesses.

View full review »
it_user593442 - PeerSpot reviewer
Technical Specialist/Consultant Ibm at a tech services company with 5,001-10,000 employees

I would like to see a better GUI. IBM is working on GUI improvements with every new release.

View full review »
VG
Security Engineer at a tech services company with 501-1,000 employees

An area for improvement would be the user interface - currently, it takes around two to three months to become comfortable using it. In the next release, I would like to see more integration with other vault vendors.

View full review »
Buyer's Guide
IBM Security Guardium Data Protection
March 2024
Learn what your peers think about IBM Security Guardium Data Protection. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
765,386 professionals have used our research since 2012.