We are getting syste panics with both IBM Guardium and CA PIM co-existing on the same machine.
Installing IBM Guardium on new ESS EXADATA had some issue and vendor (IBM) recommended to disable Secure Boot on EXA to install Guardium.
Yes, it is considered a best practice to disable EFI Secure Boot. That feature does not allow 3rd party kernel modules to load.
Here is a doc from Oracle that should help determine if this is the problem: