Tripwire Enterprise and Via Data Mart
June 03, 2013
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Full end-to-end system and security policy management with robust modelling and reporting
- Weaknesses: Can be costly for some organisations
- Verdict: If one can afford it, these tools are worth a close look. Carries the Tripwire tradition forward in fine style
Tripwire Enterprise and Via Data Mart are two products that comprise a suite for maintaining configuration states of servers, network devices and databases, as well as robust reporting services, to allow for deeper analysis of security and configuration policy.
Tripwire Enterprise is a tool for full-service system configuration management that allows administrators to put a policy in place and have systems continuously checked against that policy to ensure compliance.
Via Data Mart, on the other hand, is more of a way for administrators to collect information from various sources throughout the environment, including output from configuration and vulnerability management systems, and turn the data into a way of testing security policy changes through the use of dashboards and rich reports.
We found these products can be easily installed on the same server, and initial installation and setup does not take long at all. Both products include Windows and Linux installers for greater deployment flexibility. We chose to install both on a Windows server. The installation process is similar in both products, and is done by running an executable, which launches a brief setup wizard. At its completion all of the components are installed and all further management is done via a web-based management interface, which we found to be well organised with intuitive layouts.
We found Tripwire Enterprise to be more like three products in one, rather than just a simple system configuration management tool. It is built on three solid functions that include configuration management, file integrity monitoring and remediation. These work together to provide a robust feature set. The Policy Manager function allows administrators to define policy and assess their configurations against any of more than 250 policies, standards, regulations and vendor guidelines. File Integrity Manager continually checks systems for unauthorised or unneeded changes. Finally, Remediation Manager automates remediation and maintains compliance throughout the enterprise.
Documentation provided includes both installation and administrator guides in PDF format for both products, which were well organised and contained an excellent amount of detail, including many screenshots and configuration examples.
Tripwire offers all customers basic, no-cost phone and email support and they can access an online area that includes many resources, such as a knowledgebase and user forum. Additional aid is available, with the cost for premium support based on the number of licences purchased.
At a price starting at £13,200 for both Tripwire Enterprise and Via Data Mart, it can be quite pricey for some environments but we find it to be good value for money. In this pricing model however, Via Data Mart takes up the bulk of the cost, so if data modelling is not a part of the overall strategy the cost drops significantly. That said, it does offer a lot of excellent capabilities for better security policy and overall security posture.
SC Webcasts UK
Information Security Manager
Infosec People - Hammersmith, West London
Security Architect, Cardiff - to £70k Basic
Infosec People - Cardiff, Wales
Interim CISO (Chief Information Security Officer) - Cyber Security Director
CYBER EXECS - London (Central), London (Greater)
Junior Penetration Tester, Hertfordshire, to £35k + benefits
Infosec People - England, Hertfordshire
Cyber Security Architect
CYBER EXECS - London (Greater)
Sign up to our newsletters
SC Magazine UK Articles
- Tesco Bank allegedly ignored warnings of hack from Visa
- Investigatory Powers and Digital Economy Bills could threaten economy
- Updated: A million German routers knocked offline by failed Mirai botnet attack
- Gooligan ad fraud malware infects 1.3M Android users, installs over 2M unwanted apps
- Microsoft update left Azure Linux virtual machines open to hacking
- SC Awards Europe 2016 winners announcements!
- ISIS radicalises 'lone wolves' through strong social media presence
- Updated: How will Brexit affect the cyber-security industry in UK and Europe?
- 9.2 million medical records for sale on darkweb
- Microsoft Office 365 hit with massive Cerber ransomware attack, report