IBM Ventures in Real-Time Enterprise Database Monitoring And Protection With Guardium Acquisition

IBM (IBM) announced it has acquired Guardium, reportedly a market leader in real-time enterprise database monitoring and protection. Guardium’s technology helps clients safeguard data, monitor database activity and reduce operational costs by automating regulatory compliance tasks. Guardium is a privately held company based in Waltham, Massachusetts.

The acquisition of Guardium will enable IBM clients to maintain trusted information infrastructures by continuously monitoring access and activity to protect high-value databases against threats from legitimate users and potential hackers. It will also help clients streamline compliance processes for ever-changing industry and government mandates with centralized and automated controls for all major platforms.

Guardium is designed for cross-platform environments. The technology identifies patterns and anomalies in data access and usage allowing organizations to maintain the integrity of their data. The monitoring capabilities of Guardium’s technology also detect fraud and unauthorized access via enterprise applications such as an organization’s ERP, CRM or Data Warehousing solutions.

The Guardium solution consists of a modular software suite built on a hardened Linux kernel and deployed as a series of pre-configured appliances.  The product can also be deployed as a software-only solution.

All database transactions are monitored and analyzed in real-time, using both policy-based controls and anomaly detection to identify unauthorized or suspicious activities. Simultaneously, all transactions are stored in a structured audit log repository (an embedded, high-performance database) for real-time correlation analysis, compliance reporting, auditing, and forensics.

Unlike traditional database logging solutions, Guardium’s architecture is non-invasive, network-based, and DBMS-independent.  It provides 100% granularity and visibility into all database transactions, including DDL, DML, SELECTs, DCL, stored procedures, security exceptions, before/after data values, and all privileged user activities (including those performed via local access to the DBMS server).

It claims to have “virtually zero impact on performance”, does not require changes to your databases, and does not rely on local database trace or transaction logs.

This acquisition is intended to extend IBM’s business analytics strategy, enhancing the range of offerings currently available through IBM’s recently-announced Business Analytics and Optimization Consulting organization with 4,000 consultants, a network of analytics solution centers, and an overall investment of more than $12 billion in organic growth and acquisitions.
Source: IBM Press Release, Guardium