IBM Guardium : End-to-end Database Security to Find Your Critical Data, Monitor and Protect Them in a Box
September 24, 2018

IBM Guardium : End-to-end Database Security to Find Your Critical Data, Monitor and Protect Them in a Box

Adem Çeltik | TrustRadius Reviewer
Score 9 out of 10
Vetted Review

Overall Satisfaction with IBM Security Guardium

IBM Security Guardium is a very useful tool to classify the sensitive data on your relational or non-relational databases, and monitor the activities of end users that can access the databases, like DBAs, Application Developers, etc. It supports almost every database and operating system platforms on our environment, so we can use it wherever our critical data is stored. IBM Security Guardium also helps organizations to be ready for audits like SOX, PCI, HIPAA, GDPR and etc. It has accelerators to be ready for almost every popular audits. The predefined policies and reports help us to pass the audits.

As everybody knows, GDPR will affect all the auditing mechanisms in the organizations. Every organizations store data that are subject to GDPR. IBM Security Guardium can easily find the tables,fields, views that stores the GDPR related data with its predefined classifications policies. It is free with base license. We are also using Guardium Vulnerability assessment tool to find the vulnerabilities about privilege, configuration and authentication on our databases.

Pros

  • Activity Monitoring : IBM Guardium monitors our databases without changing any configurations on the databases and servers. The STAP agent that push the SQL traffic from the database server to Guardium collectors is very robust, and it runs with minimum requirements.
  • You can define the activities to the finest detail in the policies to take actions. You can define the critical activities for your organizations and take the real time alerts for critical activities.
  • Classification : It has pre-defined Classification policies for GDPR to find critical data locations on our databases. Classification policy builder is easy to use if you want to write your own classification policy.
  • Reporting mechanism is very straight forward, to find logs. You can easily schedule them to distribute your colleagues to review them.

Cons

  • GUI was very complex older than v10, it becomes a little bit easy to use, but the user interface should be developed to become easier.
  • The error logs are hard to understand. If there is an issue about any function, the error messages cannot be understand easily.
  • IBM Security Guardium helps you to be compliance ready like GDPR,SOX,PCI,vs. If you configure it correctly, you are ready to audit.
IBM Guardium has sufficient platform supports comparing the others. The IBM Guardium users are very happy in Turkey, so it is a defacto. Agent stability is better than others. It has more capabilities than others(Vulnerability Assessment,Database Discovery, Data Classification, etc.) Local support is very good.
IBM Security Guardium is an end-to-end DB security solution. You can detect critical data on your databases, and monitor your database activities , and you can block some critical sqls that the users should not be run.
IBM Security Guardium is not appropriate for monitoring applications traffic, because when you want to monitor application traffic, you cannot define the end user easily, and the SQL activities are difficult to interpret the jobs on the application.

Comments

More Reviews of IBM Security Guardium