IBM InfoSphere Guardium DAM (Data Activity Monitor)


Guardium Logo

Monitor and audit data access and automate compliance


Databases contain companies’ most valuable assets:

  • Customers’ information
  • Credit card data
  • Financial records
  • Other sensitive data

IBM Security Guardium is the leader Solution for monitoring and auditing data access. It prevents unauthorized data access, alerts on changes or leaks to help ensure data integrity, automates compliance controls and protects against internal and external threats.

With IBM® Security Guardium you can:


  • Monitor and audit all data activity for all platforms and protocols.
  • Enforce security policies in real time for all data access, change control and user activities.
  • Create a centralized repository of audit data for enterprise compliance, reporting and forensics.
  • Support heterogeneous environments all leading platforms, file shares and operating systems, including big data environments.

IBM Security Guardium architecture offers:

  • Exceptional solution scalability;
  • Compatibility with a great range of databases and Big Data technologies;
  • Reduced operating costs by using a centralized management;
  • Operating environment transparency, without requiring configuration changes to databases or applications.

Data traffic analysis

Unlike traditional security approaches that are based on retroactive incident analysis, IBM Security Guardium continuously monitors data traffic and according to predefined security policies allows for:

  • Real-time security alerts
  • Move suspicious users into quarantine;
  • Block unauthorized users
  • Mask query result data, reducing the risk of exposure of sensitive data

Comprehensive Visibility

The centralized repository of IBM Security Guardium and it’s predefined reports ensure comprehensive visibility of all operations performed on the monitored databases, simplifying and reducing costs in the preparation for compliance audits.

  • PCI-DSS;
  • Sarbanes-Oxley (SOX);
  • HIPAA;
  • Basel II;
  • Other regulations

THE BEST

The IBM Security Guardium was recognized by Forrester WaveTM Database Auditing and Real Time Protection as a Leader, with the highest rankings in Market Presence, Strategy and Current Offering.

"IBM Security Guardium has been deployed across many large enterprises..."

"IBM Security Guardium continues to demonstrate its leadership in supporting very large heterogeneous environments, delivering high performance and scalability, simplifying administration and performing real-time database protection."

"IBM continues to focus on innovation..."

The IBM Security Guardium was recognized by more than 600 enterprises as best solution for Data Protection.

Watch the videos and learn how IBM Security Guardium can help your company protect sensitive data, simplifying and reducing compliance costs.

Large Protection

IBM® InfoSphere® Guardium® Data Activity Monitor prevents unauthorized data access, alerts on changes or leaks to help ensure data integrity, automates compliance controls and protects against internal and external threats.

Through continuous monitoring and real time security policies IBM Security Guardium Data Activity Monitor (DAM) protects data across the enterprise without changes to databases, applications or performance impacts.

IBM Security Guardium Data Activity Monitor can:

  • Monitor and audit all data activity for all platforms and protocols.
  • Enforce security policies in real time for all data access, change control and user activities.
  • Create a centralized repository of audit data for enterprise compliance, reporting and forensics.
  • Support heterogeneous environments all leading platforms, file shares and operating systems, including big data environments.
  • Scalability  – Scales to monitor and protect tens of thousands of databases with a flexible and tiered approach including seamless load balancing and self monitoring

Vulnerabilities Visibility

IBM® Security® Guardium® Vulnerability Assessment scans data infrastructures (databases, data warehouses and big data environments) to detect vulnerabilities, and suggests remediation actions. The solution identifies exposures such as missing patches, weak passwords, unauthorized changes, misconfigured privileges and other vulnerabilities. Full reports are provided as well as suggestions to address all found vulnerabilities. IBM Security Guardium Vulnerability Assessment also detects behavioral vulnerabilities such as account sharing, excessive administrative logins and unusual after-hours activity. IBM Security Guardium Vulnerability Assessment identifies threats and security holes in databases which could be exploited by intruders and hackers to gain access to sensitive data.

Integration and Scalability

Most organizations have some security solutions in place today such as a security information and event management (SIEM) solution or application-level access controls. However, most existing security solutions can’t provide deep insight into database specific vulnerabilities. IBM® Security® Guardium® Vulnerability Assessment provides this insight while seamlessly integrating with existing security solutions.

IBM® Security® Guardium® Vulnerability Assessment offers:

  • Database infrastructure vulnerabilities analysis to identify security risks such as missing patches, weak passwords, incorrectly configured privileges and default vendor accounts
  • Detailed report with suggested remediation - Database protection knowledgebase subscription – Gives a whole security vision for the verified environments and recommends real life actionable plans for vulnerability remediation
  • Native Workflow for compliance – Support for Sarbanes-Oxley (SOX), PCI-DSS, HIPAA, Basel II and other regulations;
  • Implementation with minimal performance impact – Compliance requirements are addressed and security strategies implemented without impacting performance.
  • Integration with different databases – Completely transparent, no changes needed.
  • Integration with security systems and standards - Adapt to changes automatically.

LEADCOMM SERVICES PORTFOLIO

Guardium Services – Overview


  • GUARDIUM Implementation Packages:
    • Four Package sizes, two kinds of install (EXPRESS and COMPREHENSIVE):
      • SINGLE: 1 Appliance (for Guardium Express or regular version);
      • SMALL: 2-9 Appliances (only 1 Aggregator/Central Manager);
      • MEDIUM: 10-19 Appliances (2 Aggregators, 1 dedicated Central Manager);
      • LARGE: 20-29 Appliances (3 Aggregators, 2 Central Manager - Failover);
      • More than 29 Appliances: Special project required;
      • GUARDIUM Advanced Features and Best Practices Package;

    • GUARDIUM Training (up to 10 students on-site):
      • QuickStart (8 hours);
      • Advanced End-User (16 hours);
      • Advanced Administration (16 hours);

    • GUARDIUM Health Checks;

    • LEADCOMM AVS – Accelerator Value Services Packages P, Managed-Services offers

    GUARDIUM Express Install Package

    • Installation & configuration planning;
    • Image install on physical or virtual hardware;
    • Basic Appliance setup for:
      • Collectors;
      • Aggregators;
      • Central Manager;
      • S-TAP Agent installation on database servers;
      • Active Directory / LDAP integration;
    • Archiving schedule and procedures;
    • Purging schedule and procedures;
    • Backup scheduling and procedures;
    • Review and assure that IBM Guardium solution is configured and performing according to both IBM and LEADCOMM’s standards.

     

    GUARDIUM Comprehensive Install Package

    • Everything on GUARDIUM Express Install Package, plus:
      • Policy and rules setup, according to customer audit requirements;
      • Alerts setup, according to customer audit requirements;
      • Basic workflow (audit process) setup;
      • Data collection profiling;
      • S-Tap and Appliances load balancing and failover;
      • Custom reports creation, according to customer audit requirements;
      • PCI, SOX or HIPPA accelerators setup;
      • SIEM integration;

    NOTE: Some activities may be executed exclusively remotely, as agreed between LEADCOMM and the end customer on a per-project basis.

    GUARDIUM Advanced Features and Best Practices Pack

    • Designed for Phase 2 typical projects
    • Focused on implementing and setting a usage culture for features like:
      • Discovery, classification, entitlement management
      • Dynamic blocking and masking, alerts, and quarantine
      • End-user-Identification
      • Advanced Workflows and Compliance automation customization
      • Bi-directional integration with QRADAR
    • Best when coupled with LeadComm managed-services like offers to guarantee solution longevity / stability

     

    GUARDIUM Training
    Available Modules

    LEADCOMM offers three different on-site training modules, IBM only has a single on-line training:

    • Module I – QuickStart (8 hours):
      • Designed for Guardium end-users (in general Auditors), addresses basic usage concepts;
      • Module II – Advanced End-Users (16 hours):
      • Designed for Guardium advanced end-users (in general people from I.T. Security), addresses advanced Guardium usage concepts, policy creation and administration, alerts & workflow;
      • Module III – Advanced Administration (16 hours):
      • Designed for Guardium administrators (in general people from I.T. infrastructure), addresses installation & maintenance of S-TAPS, collection profiling, archive, purge, backup and restore, SIEM and Active Directory / LDAP integration, appliances administration;

    GUARDIUM Health Check

    • Allows the usage of LEADCOMM’s expertise and proven best practices to assess, guide and validate a GUARDIUM customer deployment;
      • Provides both up-front and on-going architect support for defining and validating technical and business objectives in addition to formal reviews at critical phases throughout the lifecycle of the solution implementation.

        Formal reviews include:
      • Design Review – Up-front technical assessment of solution, growth planning advice, scope definition and technical design evaluation(s);
      • Configuration Review – Mid-engagement development review(s);
      • Deployment Review – Final assessment before deployment;
      • Operational Review – “Point in time” technical monitoring after deployment;

    NOTE: During each Health Check review, LEADCOMM generates a report of review findings that will include evaluations against technical and business requirements, potential risks, and recommendations.

     

    LEADCOMM AVS – Accelerated Value Services

    • Services offering that enhances the standard product support offered by IBM
    • Based on LEADCOMM’s Guardium SPP Support Providing Partner) capabilities, designed to drive maximum value from Guardium investment with proven quantifiable results. It includes:
      • Proactive and Expedited Support;
        • Scheduled On-site support;
        • Priority call handling:
          • Problem root cause identification and mitigation;
        • Priority for new features and patch requests;        
        • Single Point of Contact;
          • PMR (IBM Trouble Tickets) lifecycle managed by LEADCOMM professionals;

    Our highlights

    • 11+ years with Guardium
    • 260+ installed Appliances
    • 38.000+ hours of services
    • America’s Only Business Partner (including US) with SPP certification (only 2 worldwide)
    • One of the few Business Partners worldwide with Guardium certification for Mainframe environments
    • One of the few Business Partners with Gold Guardium Accreditation certification (only 4 worldwide)
    • Large experience in complex deployments including Mainframe, Multiple Appliances, Aggregators, Central Management and DR, SIEM integration

    Downloads


    Success Cases

    Video: Volkswagen Financial Services
    (in Portuguese)

    Success Story: Volkswagen Financial Services

    About LEADCOMM and IBM Security GUARDIUM

    LEADCOMM identified the Guardium technology soon after its creation and brought that technology to Brazil in 2004 as the sole distributor for Brazil, a fact which lasted until the company's acquisition by IBM in November 2009. From this date, LEADCOMM has become the main partner for IBM Guardium technology in Brazil and one of the main partners in the world, recognized by IBM through the following authorizations:

    IBM PREMIER BUSINESS PARTNER

     

    IBM Premium Partner
     
     

    Premier Business Partners have demonstrated superior skills and market success. They actively collaborate with IBM to deliver significant client value through innovative solutions.

    LEADCOMM is one of only two S.P.P. (Support Providing Partner) approved for IBM InfoSphere GUARDIUM worldwide and is the main services provider for this complex solution.

    IBM SVP INDUSTRY AUTHORIZATION - BANKING

     
    IBM SVP INDUSTRY
     

    Software Value Plus (SVP) Industry Authorization is an initiative for IBM's most highly industry skilled Business Partners.

    SVP Industry Authorization recognizes and rewards industry focused Business Partners who sell value-add solutions that implement the business capability of an IBM Industry Solution Offering. Industry Solution Offerings are prescriptive IBM software offerings when combined with Business Partner’s value-add deliver targeted solutions to industry clients’ challenges and opportunities.

    IBM SVP CAPABILITY AUTHORIZATION - SECURITY

     
    IBM SVP CAPABILITY
     

    Software Value Plus (SVP) Security Authorization is an initiative for Business Partners focused on delivering value-add security solutions protecting client’s IT systems and assets.

    SVP Security Authorization recognizes and rewards Business Partners who sell their proven value-add security solutions. These solutions, enabled by IBM software products, address both foundational and high-growth security solutions including mobile, big data and advanced attacks.