It was not as easy to use. The user-friendliness of it was somewhat lower than what I was expecting. It was also lacking in terms of the ease of the setup. There should be an automatic agent for deployment.

It was also expensive.

The only problem is that some of the reports come up with blanks and missing data. In this area, it's a challenge, especially when there is a lot of traffic on the servers that you are trying to monitor. Sometimes the reports come out with question marks.

Building policies is not that easy. Some things are turned off by default, for example, displaying values. Maybe it's a good security feature, but sometimes the user finds it frustrating because they are expecting to see the result set.

The biggest challenge is in building policies because you have to involve users and stakeholders.

When you are training a user, there is a disconnect with the classroom-lead IBM training. The training is intensive. For five days you are hammered, but when it comes to doing it, it's a different understanding, so users find it difficult.

Pricing could be improved. Small firms shy away from IBM because of the pricing.

In the next release, I would like to see some third party support. A different way the developers can build the entire application. We would like to see more applications added. It is called IBM Security Exchange, so this is where you find that IT is going to develop some apps that can be run on Guardium. If you go to IBM QRader or SIEM for example, they have many applications that you can add to your existing deployment that are the same for Guardium.

The interface could be improved by having sub-groups of tests, ultimately making the process of collecting tests faster. As it is now, the test list is fairly long.