July 22, 2024

Advanced Database Activity Monitoring with IBM Security Guardium!

Item: IBM Guardium
Rating: 10
Author: Verified User

Verified User

Analyst in Information Technology

Electrical & Electronic Manufacturing Company, 5001-10,000 employees

Score 10 out of 10

Vetted Review

Verified User

Modules Used

IBM Security Guardium Insights
IBM Security Guardium Data Security Posture Management (DSPM)
IBM Security Guardium Data Encryption (GDE)
IBM Security Discover and Classify
IBM Security Guardium Key Lifecycle Manager
IBM Security Guardium Vulnerability Assessment
IBM Security Guardium Data Protection
IBM Data Risk Manager

Overall Satisfaction with IBM Guardium

Use Cases and Deployment Scope

We deployed and implemented the alerts on database activities on sensitive databases. Before the implementation we did not have visibility on databases. After its implementation in detection mode, the next phase was to enabling the blocking of any activity that contradicts the IT Security policy for accessing any type of database. We implemented IBM Security Guardium for safeguarding MS SQL and Oracle databases.

Pros and Cons

Pros

Database activity monitoring
Blocking of any suspicious access to database
Low performance impact of its agent that is installed on database server

Cons

Rules creation should be more easier
Report should be robust to cater customized requirements from the client
Implementation should be more easier

Return on Investment

ROI was approx 300K USD in a year
Detection time was improved by 90%
Risk for data breaching decreased approximately 80 to 85%

Usability

Implementation needs to deploy multiple servers and agents across the enterprise. Installing collector, aggregators and GIM and STAPs are sometimes become cumbersome in big organization. Secondly, the DB Admins/Managers are reluctant to install any agent on their databases servers, so being the security admin we must have readily available stats regarding performance impacts on different types of databases. Further it is very hard to deploy the Taps on IBM AIX servers.

Security

Yes, we had a proactive monitoring for our databases. Detection was improved by approx 80%. We created the rules for meeting different compliances like PCI DSS. We had the capability of scanning for vulnerabilities as well against different threats. IBM Security Guardium Analyzer was also a nice product based on cloud deployment to scan the DBs for vulnerabilities.

Alternatives Considered

IBM Security QRadar SIEM, New Relic and AppDynamics

IBM is the industry leader in DAM domain.
Cost was also a factor.
Technical support was good.
Security vendors for implementation were available.
vendor support was awesome.
good integration with IBM Qradar SIEM solution.
Blocking feature for malicious activity.
low performance impact for installing GIM and STAPS on database servers.

Key Insights

Do you think IBM Guardium delivers good value for the price?

Yes

Are you happy with IBM Guardium's feature set?

Yes

Did IBM Guardium live up to sales and marketing promises?

I wasn't involved with the selection/purchase process

Did implementation of IBM Guardium go as expected?

Yes

Would you buy IBM Guardium again?

Yes

Other Software Used

IBM Security MaaS360, IBM Security QRadar SIEM, FortiSOAR

Likelihood to Recommend

It is best suited where multiple databases are running and you need to have a single pane for having checks on databases.
Not suitable for small organizations.

Comments

Please log in to join the conversation